Release Note

Validated on 19 Jan 2022 • Last edited on 27 Sep 2023

Managed Let’s Encrypt certificates will begin using Elliptic Curve Digital Signature Algorithm (ECDSA) instead of RSA. ECDSA is equally secure and more computationally efficient than RSA. ECDSA certificates follow the shorter root chain and aren’t rooted using the DST Root CA X3 cross-sign which expired on 30 September 2021.

As we roll out this change, new Let’s Encrypt certificates provisioned for DigitalOcean Load Balancers and Spaces will increasingly use ECDSA and existing certificiates secured with RSA will be secured with ECDSA upon auto-renewal. This change doesn’t require any action from DigitalOcean customers.

We can't find any results for your search.

Try using different keywords or simplifying your search terms.