Let’s Encrypt have recently upgraded the Let’s Encrypt certificates, and the new ones no longer support older OS and browser versions. The new SSLs have updated OS requirements, which may prevent the proper display of Let’s Encrypt secured websites on older operating systems and browsers. You may see one of the following errors: “Your connection is not private”, “ERR_CERT_DATE_INVALID”, “Invalid SSL certificate”; or certain services such as Site Tools or Webmail may not be fully functional or appear broken.
If you have your SSL installed and renewed and still see an error, you probably have an outdated OS and/or browser. A reliable way to test is to open your website from another device (another PC, mobile phone, etc.). If you do not see any SSL errors from the new device, the issue is most certainly caused by the recent change.
To ensure that you have access to all websites encrypted by Let’s Encrypt, please update your browser and operating system to one of the supported ones. Here’s a list of the supported OS and browser versions.
Platforms that trust Let’s Encrypt ISRG Root X1
- Windows >= XP SP3 (assuming Automatic Root Certificate Update isn’t manually disabled)
- macOS >= 10.12.1
- iOS >= 10 (iOS 9 does not include it)
- iPhone 5 and above can be upgraded to iOS 10 and can thus trust ISRG Root X1
- Android >= 7.1.1 (but Android >= 2.3.6 will work by default due to the special cross-sign)
- Mozilla Firefox >= 50.0
- Ubuntu >= xenial / 16.04 (with updates applied)
- Debian >= jessie / 8 (with updates applied)
- Java 8 >= 8u141
- Java 7 >= 7u151
- NSS >= 3.26
Browsers (Chrome, Safari, Edge, Opera) generally trust the same root certificates as the operating system they are running on.
You can find the full list of supported browsers and OS at https://letsencrypt.org/docs/certificate-compatibility/.