The 'moment of truth' for LetsEncrypt: the end of the validity of the root
certificate that was used to kickstart LetsEncrypt before they got their own
root certificate in (most) certificate stores.
I notice openssl is still showing the old chain (but not the expired intermediate):
---
Certificate chain
 0 s:CN = koos.idefix.net
   i:C = US, O = Let's Encrypt, CN = R3
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
 2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Which is interesting, as the ISRG Root X1 is also in the root store, but it is
also cross-signed by the DST Root CA.
Checking the verification steps (the path openssl builds, rather than the chain
as sent by the server) already gives the new path:
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = koos.idefix.net
verify return:1
This is a subtle but important difference: the verifier stops at the ISRG Root
X1 it already trusts and never uses the cross-signed certificate the server sent.
Only hours left until the DST Root expires:
$ openssl x509 -in DST_Root_CA_X3.crt -noout -enddate
notAfter=Sep 30 14:01:15 2021 GMT
If services break after 14:01:15 GMT (UTC) today, either you are not following
best practice (replacing the full certificate chain with every certificate
renewal) or you have old clients.
Slight update: I requested a new LetsEncrypt certificate for a service after
14:01:15 GMT (UTC) and it still has the certificate chain with
cross-certification to DST Root CA X3:
---
Certificate chain
 0 s:CN = koos.idefix.net
   i:C = US, O = Let's Encrypt, CN = R3
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
 2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
The verification steps are as above.