How do I check if my certificate was issued by Let's encrypt or google trust

patos · March 19, 2024, 3:00pm

From what I’ve read, Cloudflare issues free SSL certificates from either Lets encrypt or google trust, how do I check that out, and in case its google trust will the upcoming “Let’s encrypt” change affect me in someway or another?

Thank you.

sjr · March 19, 2024, 3:01pm

Click the padlock (or “tune” icon for Chrome) in your browser address bar and view the certificate which will tell you.

Otherwise you can give the domain.

Note that certificates change every 3 months so your site may use the other CA next time.

mcorreia · March 19, 2024, 3:04pm

Hi there,

You can use openssl from terminal, or curl for instance.
If you want a way to see it on your Cloudflare dashboard
Open your zone and go to SSL/TLS > Edge Certificates, scroll down to the active certificate below, press it, and it should say the certificate authority:

Take care.

patos · March 19, 2024, 3:31pm

Thanks for the tip, I wanna know though if my website/API was certified by google trust, will I be affected by the new Let’s encrypt change?

epic.network · March 19, 2024, 3:37pm

The Let’s Encrypt change primarily effects old Android devices running version 7.1.1 or earlier. That version of Android has been unsupported by Google since the fall of 2019. Unless you have an unusual amount of visitors that are using ancient Android devices, you are unlikely to even notice the change.

patos · March 19, 2024, 3:40pm

hmmm, even if I got my SSL certificate from google trust, older android devices will be affected (7.1.1 or earlier)? can you please explain why? (I don’t really care about the number of users, I just wanna know)

epic.network · March 19, 2024, 3:52pm

I did not mention anything about Google Trust. As far as I know, nothing is changing with them.

To understand why the Let’s Encrypt change effects these devices, you need to know that a certificate is validated by a chain of trust that begins with a root certificate that is known and trusted by a certificate store on the client device. The root certificate that was being used has expired and the replacement is not known by the root trust store of the obsolete operating systems. This results in the device thinking that the certificates are invalid since it sees them coming from an unknown issuer.

Users of affected devices can still use Firefox since it has its own certificate store built in. The best approach, however, is to not use unmaintained or obsolete operating systems.

patos · March 19, 2024, 3:58pm

Alright, thank you for the useful info. good stuff!

system · March 21, 2024, 3:58pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Remove Google Trust Services LLC SSL Certificate and use the Let's Encrypt one on my server Security	6	7650	February 19, 2024
Cloudflare and Lets Encrypt Security	2	1101	July 16, 2023
Does Let's Encrypt work and renew when Cloudflare is enabled? DNS & Network	1	964	June 16, 2023
The cloudflare domain name certificate has become LET's certificate Security	3	2303	December 3, 2021
How to swich SSL from Google to Let's Encrypt? Security	2	1253	June 10, 2023

How do I check if my certificate was issued by Let's encrypt or google trust

Related topics