Jan 17 2021 10:29 PM
when is the roadmap to add lets encrypt R3 and E1 as trusted root certificates
I am receiving certificate not valid for newly generated certificates from LetsEncrypt in Edge browser. I don't receive the same error in Chrome
Jan 19 2021 03:02 PM
@vairakkumarHF Hello! I'm currently not aware of any issues with Let's Encrypt and Microsoft Edge. Is there any more information you can provide? Is there a website we can test that will reproduce the issue? Thanks!
-Kelly
Jan 27 2021 07:18 PM
Don't know what the problem was, it is no longer occurring in Microsoft Edge and it is displaying the certificate path accurately.
Thanks
Jan 27 2021 07:29 PM
This intermediate CA cert from LE is not found:
DST Root CA X3
- R3 (
CN = R3
O = Let's Encrypt
C = US
)
whereas the following is found:
DST Root CA X3
- Let's Encrypt Authority X3 (
CN = Let's Encrypt Authority X3
O = Let's Encrypt
C = US
)
So, it appears that it displays untrusted certificate that is a leaf issued based on R3.
Feb 01 2021 05:07 PM
@vairakkumarHF For clarity, on Windows today, both Microsoft Chrome and Microsoft Edge defer certificate trust decisions to the Windows Trusted Root Store; if Chrome trusts the cert, so will Edge, and vice-versa.
For debugging certificate trust issues, sharing the full built-chain is very helpful; https://textslashplain.com/2017/03/30/get-help-with-https-problems/