Sectigo Root and Intermediate Certificates

Sectigo AddTrust Root Expiration

On May 30th, 2020, two chain certificates from the Sectigo (formerly Comodo CA) trust store expired. Modern browsers and systems should use the new chain file replacements automatically, so changes may not be required. However, in cases where the full Certificate Authority chain is installed locally, or your web server is accessed by older systems that do not have the newest root installed, the root certificate will need to be replaced on your server to avoid errors or browser warnings.

You can find the full list of chain file options below, and you will want to implement the files that match your order validation type.

In some cases, it can be easier to reissue your SSL certificate and install the new file provided on your server to automatically chain with the newest intermediate and root certificates.

SSL

Domain Validation

[Download] Sectigo RSA Domain Validation Secure Server CA [Intermediate]
[Download] USERTrust RSA Root xSigned using AAA CA [Cross Signed]
(Or)
[Download] Sectigo RSA DV Bundle [Intermediate + Cross Signed]

Organization Validation

[Download] Sectigo RSA Organization Validation Secure Server CA [Intermediate]
[Download] USERTrust RSA Root xSigned using AAA CA [Cross Signed]
(Or)
[Download] Sectigo RSA OV Bundle [Intermediate + Cross Signed]

Extended Validation

[Download] Sectigo RSA Extended Validation Secure Server CA [Intermediate]
[Download] USERTrust RSA Root xSigned using AAA CA [Cross Signed]
(Or)
[Download] Sectigo RSA EV Bundle [Intermediate + Cross Signed]