Wednesday, April 24, 2024

Let’s Encrypt Root Certificate Now Directly Trusted by Microsoft and all Major Root Programs

Let’s Encrypt announced it’s root certificate ISRG Root X1 is now directly trusted by Microsoft and all other major root certificate programs including Microsoft, Google, Apple, Mozilla, Oracle, and Blackberry.

Starting from the first issuance the Let’s Encrypt intermediate certificates, Let’s Encrypt Authority X1 and Let’s Encrypt Authority X2 was cross-signed with IdenTrust root and trusted by all the major browsers.

Browsers and operating systems not supported by default to Let’s Encrypt certificates, so it was cross-signed by IdenTrust and the IdenTrust certificate trusted by the Browsers and operating systems directly.

Let’s Encrypt
Chained With IdenTrust

Starting July 2018 Let’s Encrypt certificate directly trusted by almost all newer versions of operating systems, browsers, and devices.

“Some of those older systems will eventually be updated to trust Let’s Encrypt directly. Some will not, and we’ll need to wait for the vast majority of those to cycle out of the Web ecosystem.”

Let’s Encrypt says it would take at least five more years to cycle out the Web ecosystem, so they planned to continue the cross signature until then.

Now the Let’s Encrypt serves more than 115 million websites, it had a very good progress as it breaks the technical and cost barriers.

Let’s Encrypt Active Intermediate’s


Let’s Encrypt Authority X3 (IdenTrust cross-signed)
Let’s Encrypt Authority X3 (Signed by ISRG Root X1)

Let’s Encrypt


Let’s Encrypt Authority X4 (IdenTrust cross-signed)
Let’s Encrypt Authority X4 (Signed by ISRG Root X1)

Site owner’s of Let’s Encrypt not required to make any changes and the site’s continue to work normally.

Also Read

Transport Layer Security (TLS) 1.3 approved by IETF With the 28th Draft

Private keys Leaked – 23,000 SSL Certificates to be Revoked Within Next 24 Hours

New Method to Establish Covert Channel Communication by Abusing X.509 Digital Certificates


Latest articles

Phishing Attacks Rise By 58% As The Attackers Leverage AI Tools

AI-powered generative tools have supercharged phishing threats, so even newbie attackers can effortlessly create...

Multiple MySQL2 Flaw Let Attackers Arbitrary Code Remotely

The widely used MySQL2 has been discovered to have three critical vulnerabilities: remote Code...

CoralRaider Hacker Evade Antivirus Detections Using Malicious LNK File

This campaign is observed to be targeting multiple countries, including the U.S., Nigeria, Germany,...

Spyroid RAT Attacking Android Users to Steal Confidential Data

A new type of Remote Access Trojan (RAT) named Spyroid has been identified.This...

Researchers Uncover that UK.GOV Websites Sending Data to Chinese Ad Vendor Analysts

Analysts from Silent Push, a data analytics firm, have uncovered several UK government websites...

Ransomware Victims Who Opt To Pay Ransom Hits Record Low

Law enforcement operations disrupted BlackCat and LockBit RaaS operations, including sanctions on LockBit members...

IBM Nearing Talks to Acquire Cloud-software Provider HashiCorp

IBM is reportedly close to finalizing negotiations to acquire HashiCorp, a prominent cloud infrastructure...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.


Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

Related Articles