• Re: Adding New Let's Encrypt Certificate for old Mac OS and iOS

    From super70s@21:1/5 to D Finnigan on Wed Oct 13 17:42:12 2021
    XPost: comp.sys.mac.vintage

    In article <dog_cow-1633054331@macgui.com>,
    D Finnigan <dog_cow@macgui.com> wrote:

    Today, one of Let's Encrypt's chain-of-trust certificates expired. This caused some of my older Apple devices to give a certificate warning when trying to access some web sites.

    The fix is simple: you just need to add the new Let's Encrypt certificate to the certificate trust store in iOS. The new certificate that you need to add is called ISRG Root X1. You can get the PEM file here: https://letsencrypt.org/certs/isrgrootx1.pem

    If your machine can't access the Let's Encrypt web site because it doesn't support newer versions of TLS, then you need to download the PEM file on a newer computer, then put it on a web server that supports plain HTTP or an older TLS version, and download from there. I'm sure most people reading
    this newsgroup know how to set up a local web server at home to do this.

    I didn't have a browser problem but both my Tenfourbird mail app on my
    Power Mac G4 running 10.4 and Apple Mail app on my 2009 iMac running
    10.11 quit connecting last week. I called my ISP who were clueless
    ("we'd be getting a lot of calls about this if our mail server was
    down") but I finally figured it out after a little web searching and
    installed the new certificate on both machines. Both mail accounts
    started working normally.

    Something strange though, the new certificate says it will expire in
    Nov. 2021 but I'm not sure if it will or not. Guess I'll find out in
    November.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)