Let's Encrypt has announced that it's received cross-signatures from IdenTrust.
The free-certificates-for-all venture, set up by researchers, the EFF, and a bunch of supporting vendors, says the cross-signatures mean the major browsers can now receive Let's Encrypt certificates without throwing an error.
The cross-signatures apply to the organisation's Let's Encrypt Authority X1 and Let's Encrypt Authority X2 intermediate certificates.
With browser support, visiting the Let's Encrypt demonstration at https://helloworld.letsencrypt.org/ no longer throws an “untrusted” error in Mozilla, IE, Safari, Chrome and the like.
The next step will be getting Web server admins to configure their systems to serve the cross-signature certificate.
That's not a problem, the group says.
“Almost all server operators will choose to serve a chain including the intermediate certificate with Subject 'Let’s Encrypt Intermediate X1' and Issuer 'DST Root CA X3',” the group writes. “The official Let’s Encrypt software will make this configuration seamlessly.”
Let's Encrypt was set up by Mozilla, Cisco, IdenTrust, Akamai, researchers from the University of Michigan, the Internet Security Research Group and the Electronic Frontiers Foundation. ®