Table of Contents

Fix for the Lets Encrypt Root Certificate Expiry Bug

Jordan Millar Updated by Jordan Millar

On Sep 30, 2021, one of the certificates that was used on the internet to validate servers expired. Normally these certificates have an auto-renewal type feature built-in but this certificate dates way back to the year 2000 and pre-dates these features.

If you have an older iOS device running iOS 9 or earlier or an Android device running Android 7 or earlier your certificate will not automatically renew and you will be prevented from syncing with the ChekRite server.

Fortunately, we have come up with a way around this but you will have to do a couple of things on your end.

Firstly, you should navigate to this page from the affected device. (https://help.chekrite.com/troubleshooting/cert). You may get the following error. If you do, just push Continue to go to the website.

Then you should download a new certificate by clicking on this link: https://letsencrypt.org/certs/isrgrootx1.der

The steps below are for an iOS device but similar steps will exist for Android devices.

When you navigate to the file above, you will be asked to install a profile. The screen will look like the one below.

Click on the Install button at the top right and then the Install button in red on the dialog box.

Once installed you will see the following screen with word Verified in green. You can now push the Done button on the top right.

That’s it. You have installed the latest certificate which will keep you going until 2035 or until you upgrade your device.

How did we do?

Contact