Monday, May 12, 2025
HomeSSL/TLSLet's Encrypt Root Certificate Now Directly Trusted by Microsoft and all Major...

Let’s Encrypt Root Certificate Now Directly Trusted by Microsoft and all Major Root Programs

Published on

SIEM as a Service

Follow Us on Google News

Let’s Encrypt announced it’s root certificate ISRG Root X1 is now directly trusted by Microsoft and all other major root certificate programs including Microsoft, Google, Apple, Mozilla, Oracle, and Blackberry.

Starting from the first issuance the Let’s Encrypt intermediate certificates, Let’s Encrypt Authority X1 and Let’s Encrypt Authority X2 was cross-signed with IdenTrust root and trusted by all the major browsers.

Browsers and operating systems not supported by default to Let’s Encrypt certificates, so it was cross-signed by IdenTrust and the IdenTrust certificate trusted by the Browsers and operating systems directly.

- Advertisement - Google News
Let’s Encrypt
Chained With IdenTrust

Starting July 2018 Let’s Encrypt certificate directly trusted by almost all newer versions of operating systems, browsers, and devices.

“Some of those older systems will eventually be updated to trust Let’s Encrypt directly. Some will not, and we’ll need to wait for the vast majority of those to cycle out of the Web ecosystem.”

Let’s Encrypt says it would take at least five more years to cycle out the Web ecosystem, so they planned to continue the cross signature until then.

Now the Let’s Encrypt serves more than 115 million websites, it had a very good progress as it breaks the technical and cost barriers.

Let’s Encrypt Active Intermediate’s

Active

Let’s Encrypt Authority X3 (IdenTrust cross-signed)
Let’s Encrypt Authority X3 (Signed by ISRG Root X1)

Let’s Encrypt

Backup

Let’s Encrypt Authority X4 (IdenTrust cross-signed)
Let’s Encrypt Authority X4 (Signed by ISRG Root X1)

Site owner’s of Let’s Encrypt not required to make any changes and the site’s continue to work normally.

Also Read

Transport Layer Security (TLS) 1.3 approved by IETF With the 28th Draft

Private keys Leaked – 23,000 SSL Certificates to be Revoked Within Next 24 Hours

New Method to Establish Covert Channel Communication by Abusing X.509 Digital Certificates

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Open Source Linux Firewall IPFire 2.29 – Core Update 194 Released: What’s New!

IPFire, the powerful open-source firewall, has unveiled its latest release, IPFire 2.29 – Core...

Threat Actors Leverage DDoS Attacks as Smokescreens for Data Theft

Distributed Denial of Service (DDoS) attacks, once seen as crude tools for disruption wielded...

20-Year-Old Proxy Botnet Network Dismantled After Exploiting 1,000 Unpatched Devices Each Week

A 20-year-old criminal proxy network has been disrupted through a joint operation involving Lumen’s...

“PupkinStealer” – .NET Malware Steals Browser Data and Exfiltrates via Telegram

A new information-stealing malware dubbed “PupkinStealer” has emerged as a significant threat to individuals...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Fake Certificate Issued for Alibaba Cloud After SSL.com Validation Trick

A critical vulnerability in SSL.com’s domain validation process allowed unauthorized parties to fraudulently obtain...

10 Best Free SSL Checker Tools 2024

SSL Checker helps you troubleshoot common SSL issues and SSL endpoint vulnerabilities. With the...

Google to Reduce SSL Certificate Lifespan to 90 Days

Recently, Google declared its plan to reduce the maximum validity for public TLS (SSL)...