Let’s Encrypt Halts All Certificate Issuance After Cross-Signed Root Certificate Incident

dark6 11 May 2026

Let’s Encrypt, the world’s most widely used free Certificate Authority, temporarily suspended all certificate issuance on May 8, 2026, after engineers identified a critical issue involving a cross-signed certificate linking the organization’s Generation X root to its upcoming Generation Y root infrastructure. The incident triggered a complete shutdown of issuance across both production and staging environments before services were restored within approximately two and a half hours.

The timing of the incident is particularly significant: it occurred just five days before three major platform changes were scheduled to go live on May 13, 2026 — changes that include shorter certificate lifetimes and a transition to the new Generation Y intermediate certificates.

Timeline of the Incident

The sequence of events unfolded as follows:

  • 18:37 UTC, May 8: Let’s Encrypt engineers became aware of a potential incident involving the cross-signed certificate and immediately halted all certificate issuance as a precautionary measure.
  • Affected components: Production and staging ACME API endpoints (acme-v02.api.letsencrypt.org and acme-staging-v02.api.letsencrypt.org), as well as portal environments hosted across two high-assurance datacenters.
  • 21:03 UTC, May 8: Let’s Encrypt confirmed that certificate issuance had resumed. However, as a direct result of the cross-signed certificate issue, all issuance was rolled back to the Generation X root.

The rollback specifically impacts two ACME certificate profiles: tlsserver and shortlived. Let’s Encrypt has not disclosed whether any incorrectly issued certificates were distributed before issuance was halted.

What Is a Cross-Signed Certificate — And Why Does It Matter?

Cross-signing is a mechanism used by Certificate Authorities to establish trust across different root infrastructures. A cross-signed certificate allows a newer, less widely trusted root to leverage the trust already established by an older, more universally trusted root — ensuring that certificates chain up to a root already present in browsers and operating systems.

When something goes wrong with a cross-signed certificate — whether it is issued incorrectly, contains unexpected validity periods, or creates unintended trust chains — the consequences can ripple across all certificates that rely on that chain. Let’s Encrypt’s decision to halt issuance entirely rather than risk distributing potentially problematic certificates reflects sound, conservative incident response practice.
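As an added illustration (not code from the article or from Let’s Encrypt), the chain builder below shows how a cross-sign gives a leaf two possible paths to a trust anchor, and how a cross-sign with an unexpected validity period breaks the path for clients that only trust the older root; the certificate records are constructed stand-ins with names and dates only.

```python
# Added example (not from the article): how a cross-signed certificate gives a
# leaf two possible paths to a trust anchor, and why the cross-sign's validity
# period matters. The records below are constructed stand-ins (names and dates
# only, no real keys or signatures): "Root X" plays the older, universally
# trusted root and "Root Y" the newer one.
from datetime import date

# Each record: subject, issuer, notBefore (nb), notAfter (na). Roots are self-issued.
# The cross-sign is a second certificate for Root Y's subject, issued by Root X.
CERTS = [
    {"subject": "Root X", "issuer": "Root X", "nb": date(2015, 6, 4), "na": date(2035, 6, 4)},
    {"subject": "Root Y", "issuer": "Root Y", "nb": date(2024, 1, 1), "na": date(2044, 1, 1)},
    {"subject": "Root Y", "issuer": "Root X", "nb": date(2024, 1, 1), "na": date(2030, 1, 1)},
    {"subject": "Intermediate Y", "issuer": "Root Y", "nb": date(2025, 1, 1), "na": date(2031, 1, 1)},
    {"subject": "www.example.com", "issuer": "Intermediate Y", "nb": date(2026, 5, 1), "na": date(2026, 6, 15)},
]

def build_chains(leaf, certs, trust_anchors, today):
    """Return every path from `leaf` to a name in `trust_anchors`, as lists of
    "subject <- issuer" strings ending with the anchor. An issuing certificate
    is followed only if it is valid on `today`, so a cross-sign with an
    unexpected validity period shows up as a missing path."""
    chains = []

    def walk(cert, path):
        if cert["issuer"] in trust_anchors:
            chains.append(path + ["anchor: " + cert["issuer"]])
        for cand in certs:
            if cand["subject"] != cert["issuer"] or cand["subject"] == cand["issuer"]:
                continue  # self-issued roots are never walked; only anchors end a chain
            if cand in path or not (cand["nb"] <= today <= cand["na"]):
                continue
            walk(cand, path + [cand])

    walk(leaf, [leaf])
    return [[p if isinstance(p, str) else f"{p['subject']} <- {p['issuer']}" for p in ch]
            for ch in chains]

if __name__ == "__main__":
    leaf = CERTS[-1]
    # Client that trusts only Root X (older root) vs. one that also trusts Root Y.
    for anchors in ({"Root X"}, {"Root X", "Root Y"}):
        print(anchors, build_chains(leaf, CERTS, anchors, date(2026, 5, 10)))
    # After the cross-sign expires, only clients trusting Root Y still get a chain.
    print(build_chains(leaf, CERTS, {"Root X"}, date(2030, 6, 1)))
```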

Planned May 13 Changes Still on Track

The incident comes just ahead of three significant platform changes that Let’s Encrypt had already announced for May 13, 2026:

  • 45-day certificate lifetimes: The tlsserver ACME profile will begin issuing 45-day certificates as part of Let’s Encrypt’s phased roadmap to reduce certificate lifetimes from 90 days to 45 days over the next two years.
  • tlsclient profile restrictions: The tlsclient profile (used for TLS client authentication) will be restricted to ACME accounts that have previously requested certificates from it. Full support will end on July 8, 2026.
  • Classic profile transition: The classic ACME profile was scheduled to transition to Generation Y intermediates, which chain to the existing X1 and X2 roots — a change designed to maintain broad compatibility across client environments.

All three changes remain on track for the May 13 production rollout, and all are currently live in Let’s Encrypt’s staging environment. The cross-signed root issue did not affect these scheduled rollout plans.

What Administrators Should Do Now

While Let’s Encrypt reports that services have been fully restored, administrators relying on automated ACME-based renewal workflows should take the following steps:

  • Check renewal logs for any certificates that were due to renew during the 18:37–21:03 UTC window on May 8 and confirm they renewed successfully after services resumed.
  • Verify certificate chains for any certs issued around this window — particularly those using the tlsserver or shortlived profiles — to confirm they chain correctly to the expected Generation X root.
  • Prepare for 45-day lifetimes: With the May 13 transition approaching, ensure your ACME renewal automation is configured to handle shorter-lived certificates without manual intervention. Renewals should be triggered well in advance of expiry.
  • Monitor Let’s Encrypt status: Follow letsencrypt.status.io and the community forums at community.letsencrypt.org for updates as the Generation Y root transition proceeds.
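One way to carry out the first and third checks above, as an added example that is not part of the article: scan renewal logs for attempts that failed inside the 18:37–21:03 UTC window and have not succeeded since, and derive a renewal time as a fraction of the lifetime so the same automation copes with 45-day certificates; the log format is constructed for this example, so adapt the parser to the ACME client you actually run.

```python
# Added example (not from the article): flag ACME renewals that failed during
# the May 8 issuance halt and have no later successful renewal, and compute a
# renewal time that scales with certificate lifetime. The log format below is
# constructed for this example; certbot, lego and acme.sh each log differently,
# so adapt parse_line() to the client you run.
from datetime import datetime, timezone

HALT_START = datetime(2026, 5, 8, 18, 37, tzinfo=timezone.utc)
HALT_END = datetime(2026, 5, 8, 21, 3, tzinfo=timezone.utc)

# Constructed sample log, one renewal attempt per line:
# "<UTC timestamp> <domain> <ACME profile> <OK|FAILED>"
SAMPLE_LOG = """\
2026-05-08T17:55:03Z shop.example.com tlsserver OK
2026-05-08T18:50:41Z api.example.com tlsserver FAILED
2026-05-08T19:10:12Z mail.example.com shortlived FAILED
2026-05-08T20:30:09Z api.example.com tlsserver FAILED
2026-05-08T21:20:55Z api.example.com tlsserver OK
2026-05-08T22:00:00Z www.example.com tlsserver OK
"""

def parse_line(line):
    """Return (timestamp, domain, profile, succeeded) for one sample log line."""
    ts, domain, profile, result = line.split()
    when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return when, domain, profile, result == "OK"

def unrecovered_renewals(log_text, start=HALT_START, end=HALT_END):
    """Domains whose renewal failed inside [start, end] and has not succeeded
    since. Returns {domain: profile} so the operator knows which chain to
    re-check once the renewal is retried."""
    failed_in_window, recovered = {}, set()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        when, domain, profile, ok = parse_line(line)
        if not ok and start <= when <= end:
            failed_in_window[domain] = profile
        elif ok and when > end:
            recovered.add(domain)
    return {d: p for d, p in failed_in_window.items() if d not in recovered}

def renew_after(not_before, not_after, fraction=2 / 3):
    """Earliest time to attempt renewal: a fixed fraction of the lifetime, so the
    same setting keeps working as lifetimes drop from 90 to 45 days."""
    return not_before + (not_after - not_before) * fraction

if __name__ == "__main__":
    for domain, profile in sorted(unrecovered_renewals(SAMPLE_LOG).items()):
        print(f"needs attention: {domain} ({profile} profile)")
```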

Broader Context: Internet Infrastructure Risk

Let’s Encrypt secures an estimated 500 million or more domains with free, automatically renewing TLS certificates. An extended outage of its issuance infrastructure would have far-reaching consequences for web security across the globe, affecting everything from small personal websites to major enterprise applications.

The swift response — detecting, halting, and restoring issuance within 2.5 hours — demonstrates mature incident response capabilities. However, the episode underscores the critical importance of resilient ACME renewal pipelines and the risks inherent in transitioning between root certificate generations for a CA of Let’s Encrypt’s scale.
