Certificate Compatibility

Auf Deutsch ansehen

Ver en español

Voir en Français

לעבור לעברית


한국어로 보기

Ver em Português (do brasil)

Просмотреть на русском

Visa på svenska



Last updated: | See all Documentation

Let’s Encrypt aims to be compatible with as much software as possible without compromising security. The main determining factor for whether a platform can validate Let’s Encrypt certificates is whether that platform includes ISRG’s “ISRG Root X1” certificate or IdenTrust’s “DST Root CA X3” certificate in its trust store.

If your certificate validates on some of the “Known Compatible” platforms but not others, the problem may be a web server misconfiguration. If you’re having an issue with modern platforms, the most common cause is failure to provide the correct certificate chain. If you’re having an issue with older platforms like Windows XP, the most common causes are failure to configure a ciphersuite or TLS version that is supported on the platform or that the platform lacks support for Server Name Indication (SNI). Test your site with SSL Labs’ Server Test. If that doesn’t identify the problem, ask for help in our Community Forums.

You may want to visit this particular community forum discussion for more information about compatibility.

Known Compatible

Known Incompatible