/
(DC) Errors from not using new Intermediate Certificate

(DC) Errors from not using new Intermediate Certificate

Description

This article only applies to new certificates issued on or after 01 Nov 2023.   Due to the recent change by InCommon / Sectigo on 01 Nov 2023, all certificates require an updated certificate chain that has an updated intermediate certificate that now expires in the year 2032, versus October 2024.   You can check your certificate chain by following the following steps:

  1. Visit the following "SSL Shopper" link: SSL Checker

  2. Enter the FQDN of your service.  It must be reachable from the internet to use this tool.

  3. Click the Check SSL button.

  4. See how to interpret the result below.

Resolution

If your services certificate chain is invalidated by the updated intermediate certificate, then you will see the following information appear. 

The action need is to visit (DC) Certificate Chain (Root and Intermediate) and download and install the updated intermediate certificate. The USERTrust RSA root certificate has not changed and does not need to be updated.

 

If your services certificate chain is valid, you will see the response below to indicate that all is well and no action is needed and will continue to function until the certificate expires, upon which you will need to follow standard procedures to request a renewed SSL certificate near the expiration date.

 

'

 

Confluence Documentation | Web Privacy Policy | Web Accessibility