If you are using outdated devices or outdated software,
you can observe an error on your site that it’s not secure,
even though the certificate was installed successfully.
This is caused by an expired DST Root CA X3 root certificate
On September 30, the DST Root CA X3 certificate expired,
that verified the security of Let’s Encrypt certificates
A new certificate that validates certificates from Let’s Encrypt
is codenamed ISRG Root X1.
Accordingly, all devices and operating systems that have been released
before the ISRG Root X1 certificate was generated
do not consider Let’s Encrypt certificates to be secure and may generate an error.
Legacy systems that may have access problems:
– Windows XP up to SP3 version
– macOS up to version 10.12
– iOS to version 10
– Android up to version 2.3
– Ubuntu up to version 16
– Debian up to version 8
– Older models of smart TVs and IOT devices.
To fix this situation you can install ISRG Root X1 certificate on your system yourself.
Download it from this link – https://letsencrypt.org/certificates
Select the .der certificate there
| Active ISRG Root X1 (RSA 4096, O = Internet Security Research Group, CN = ISRG Root X1)Self-signed: der, pem, txt |
When you run this certificate, a certificate installation dialog box should open:
