1. Home
  2. SSL Certificate Support
  3. Sectigo Root and Intermediate Certificates

Sectigo Root and Intermediate Certificates

Sectigo AddTrust Root Expiration

On May 30th, 2020, two chain certificates from the Sectigo (formerly Comodo CA) trust store expired. Modern browsers and systems should use the new chain file replacements automatically, so changes may not be required. However, in cases where the full Certificate Authority chain is installed locally, or your web server is accessed by older systems that do not have the newest root installed, the root certificate will need to be replaced on your server to avoid errors or browser warnings.  

You can find the full list of chain file options below, and you will want to implement the files that match your order validation type. 

In some cases, it can be easier to reissue your SSL certificate and install the new file provided on your server to automatically chain with the newest intermediate and root certificates.  

SSL 

Domain Validation 

[DownloadSectigo RSA Domain Validation Secure Server CA [Intermediate] 
[Download]USERTrust RSA Root xSigned using AAA CA [Cross Signed] 
(Or) 
[DownloadSectigo RSA DV Bundle [Intermediate + Cross Signed] 

Organization Validation 

[DownloadSectigo RSA Organization Validation Secure Server CA [Intermediate] 
[Download]USERTrust RSA Root xSigned using AAA CA [Cross Signed] 
(Or) 
[DownloadSectigo RSA OV Bundle [Intermediate + Cross Signed] 

Extended Validation 

[DownloadSectigo RSA Extended Validation Secure Server CA [Intermediate] 
[Download]USERTrust RSA Root xSigned using AAA CA [Cross Signed] 
(Or) 
[DownloadSectigo RSA EV Bundle [Intermediate + Cross Signed] 

Code Signing 

Standard (Organization or Individual Validation)  [DownloadSectigo RSA Code Signing CA  

EV Code Sign  [DownloadSectigo RSA Extended Validation Code Signing CA  

Secure Email  

[DownloadSectigo RSA Client Authentication and Secure Email CA 

Root Certificates 

[Download] SHA-2 Root : USERTrust RSA Certification Authority 
[Download] SHA-1 Root*: AddTrust External CA Root [expires after May 30, 2020] 

Updated on

Was this article helpful?

Related Articles