On Saturday, May 30, 2020, one of the intermediate CA certificates for popular SSL\/TLS certificates from vendor Sectigo (formerly Comodo) expired. For current versions of browsers nothing has changed, but most of the automations and the old browsers \/ OS began to give errors.<\/p>\n
There are two solutions to this problem:<\/p>\n
1) Reissue the certificate. In this case, the certificate will already be signed by the new chain of intermediate certificates. This option will be handy for certificates with only domain validation (DV certificates) because these certificates can be reissued in minutes. For certificates with organization validation (OV) and certificates with Extended Validation (EV) it will be easier to use the other option.<\/p>\n
2) Replace the root certificate chain. <\/p>\n","protected":false},"excerpt":{"rendered":" On Saturday, May 30, 2020, one of the intermediate CA certificates for popular SSL\/TLS certificates from vendor Sectigo (formerly Comodo) expired. For current versions of browsers nothing has changed, but most of the automations and the old browsers \/ OS began to give errors. There are two solutions to this problem: 1) Reissue the certificate….<\/p>\n","protected":false},"author":5,"comment_status":"closed","ping_status":"closed","template":"","format":"standard","meta":{"inline_featured_image":false,"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","ghostkit_customizer_options":"","ghostkit_custom_css":"","ghostkit_custom_js_head":"","ghostkit_custom_js_foot":"","ghostkit_typography":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"footnotes":""},"ht-kb-category":[10696],"ht-kb-tag":[],"class_list":["post-37065","ht_kb","type-ht_kb","status-publish","format-standard","hentry","ht_kb_category-ssl-certificates"],"taxonomy_info":{"ht_kb_category":[{"value":10696,"label":"SSL certificates"}]},"featured_image_src_large":[],"author_info":{"display_name":"\u0414\u0430\u043d\u0438\u0438\u043b \u0418\u0432\u0430\u043d\u044c\u043a\u043e\u0432","author_link":"https:\/\/tuthost.ua\/en\/author\/daniil-tuthost-com\/"},"comment_info":0,"_links":{"self":[{"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb\/37065","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb"}],"about":[{"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/types\/ht_kb"}],"author":[{"embeddable":true,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/comments?post=37065"}],"version-history":[{"count":1,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb\/37065\/revisions"}],"predecessor-version":[{"id":58413,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb\/37065\/revisions\/58413"}],"wp:attachment":[{"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/media?parent=37065"}],"wp:term":[{"taxonomy":"ht_kb_category","embeddable":true,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb-category?post=37065"},{"taxonomy":"ht_kb_tag","embeddable":true,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb-tag?post=37065"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nThe up-to-date root certificate chain can be downloaded from the Sectigo<\/a>website
\nFor certificates with domain validation (DV) only – here<\/a>
\nFor certificates with organization verification (OV) – here<\/a>
\nFor certificates with Extended Validation (EV) – here<\/a><\/p>\n