Sectigo Public Root CAs Migration 2025

We are pleased to announce that Sectigo has successfully integrated new Public Root Certificate Authorities into major root stores including Mozilla, Microsoft, Apple, and Google/Chrome.

To assist with the upcoming migration, Sectigo has provided a helpful FAQ to address common questions and concerns, ensuring that stakeholders remain informed and ready. You can access it here: Sectigo Public Root CAs Migration

Please make a note of the following key transition dates:

- EV TLS: April 15, 2025
- OV TLS: May 15, 2025
- DV TLS: June 2, 2025

To ensure compatibility and avoid connectivity issues on older devices, we recommend utilizing the following certificate chain, which is provided with your certificate:

1. [Client Certificate Number] – your end-entity certificate
2. Sectigo Public Server Authentication CA DV/OV/EV R36 (Intermediate)
3. Sectigo Public Server Authentication Root R46 (cross-signed by USERTrust) – please include this as it functions as a secondary intermediate.
4. (Optional) Older Root - USERTrust RSA – while clients typically trust this, in some instances, it may still be necessary to include it in the certificate chain.

Should you have any questions or require assistance, please do not hesitate to contact us at info@leaderssl.com. We are here to help.