Let's Encrypt Issues Root and Intermediate Certificates

The keys and certificates that will underlie Letâ€™s Encrypt have been generated. This was done during a key ceremony at a secure facility today. The following objects were created:

Key pair and self-signed cert for the ISRG root
Key pair and certificate for the ISRG rootâ€™s OCSP
Key pairs and certificates for two Letâ€™s Encrypt intermediate CAs
CRL under the ISRG root showing that the Letâ€™s Encrypt intermediates have not been revoked.

The certificates over the public keys, of course, can be made public:

ISRG Root X1 Certificate
Letâ€™s Encrypt Intermediate X1 CA Certificate
Letâ€™s Encrypt Intermediate X2 CA Certificate

Letâ€™s Encrypt will issue certificates to subscribers from its intermediate CAs, allowing us to keep our root CA safely offline. IdenTrust will cross-sign our intermediates. This will allow our end certificates to be accepted by all major browsers while we propagate our own root.

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Achieving Log Centralization and Analysis with Open Source SIEM and XDR: UTMStack

RELATED ARTICLES MORE FROM AUTHOR