Let’s Encrypt’s root certificate is about to expire, and it might break your devices

One of the largest providers of HTTPS certificates, Let’s Encrypt, saw its root certificate expire this week — meaning you might need to upgrade your devices to prevent them from breaking.

Let’s Encrypt, a free-to-use nonprofit, issues certificates that encrypt the connections between your devices and the wider internet, ensuring that nobody can intercept and steal your data in transit. Millions of websites alone rely on Let’s Encrypt. But, as warned by security researcher Scott Helme, the root certificate that Let’s Encrypt currently uses — the IdentTrust DST Root CA X3 — was set to expire on September 30. After expiry, computers, devices and web clients — such as browsers — will no longer trust certificates that have been issued by this certificate authority.