SYSTEM INFORMATION | |
---|---|
OS type and version: | CentOS Linux 7.9.2009 |
Webmin version: | 1.981 |
Virtualmin version: | 6.17 |
Related products version: | RECOMMENDED |
I am using Let’s Encrypt with certbot and Virtualmin to renew the TLS certificates of my domains.
DST Root CA X3 is expiring on September 30 2021 and can cause problems on old systems like centos 7 and OpenSSL 1.0.2.
I think, when we are renewing SSL certificate with Virtualmin we are using this command (I am not using the command line, only the GUI in Virtualmin):
certbot renew --dry-run --preferred-chain "ISRG Root X1".
But I’d like to be sure… (I haven’t really dug into this stuff, but I think if it is the case, we avoid the problem with DST Root CA X3).
Can there be any problems in Centos 7 and Virtualmin after September 30th for not deleting DST Root CA X3 from CentOS Trust certificates?
Thank you very much (sorry for my English).
References:
https://blog.devgenius.io/lets-encrypt-change-affects-openssl-1-0-x-and-centos-7-49bd66016af3#bd4c
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/