New certification hierarchy for certificates issued by Sectigo

Facebook Facebook Facebook Facebook Share

On May 15th from the Certification Authority (hereinafter CA) Sectigo They made a change to the certification hierarchy for certificates issued with this CA.

Therefore, from May onwards, certificates were generated with new certification chains. Below you will find the possible chains in certificates issued by Sectigo:

Current chain: uses a cross-signed intermediate certificate [CN=Sectigo Public Server Authentication Root R46,O=Sectigo Limited,C=GB] for compatibility:

Other chains vàlides

String using the new root [CN=Sectigo Public Server Authentication Root R46,O=Sectigo Limited,C=GB]

Many Linux systems do not yet carry this root in their truststores:

Obsolete chain, but still vàlida that uses the old root [CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB]

  • CN=Sectigo Public Server Authentication CA EV R36,O=Sectigo Limited,C=GB [6d4f7cad335377c8c6e001dde2e2c88e_r36.cer]
    • Num sèrie: 6d4f7cad335377c8c6e001dde2e2c88e
    • Expiration: 22/03/2036 00:59:59 CEST
  • CN=Sectigo Public Server Authentication Root R46,O=Sectigo Limited,C=GB [00d27fbbc1de359e5216ad6149586099c4_R46.crt]
    • Num sèrie: d27fbbc1de359e5216ad6149586099c4
    • Expiration: 19/01/2038 00:59:59 CET
  • CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US [3972443af922b751d7d36c10dd313595_UserTrust.crt]
    • Num sèrie: 3972443af922b751d7d36c10dd313595
    • Expiration: 01/01/2029 00:59:59 CET
  • CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB [1_AAA.crt]
    • Serial number: 1
    • Expiration: 01/01/2029 00:59:59 CET

Obsolete chain, but still vàlida that uses the old root [CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB]

  • CN=Sectigo Public Server Authentication CA EV R36,O=Sectigo Limited,C=GB [6d4f7cad335377c8c6e001dde2e2c88e_r36.cer]
    • Num sèrie: 6d4f7cad335377c8c6e001dde2e2c88e
    • Expiration: 22/03/2036 00:59:59 CEST
  • CN=Sectigo Public Server Authentication Root R46,O=Sectigo Limited,C=GB [397a66cc2756362e0daa87ca6eabe3b1.crt]
    • Num sèrie: e37ca2e9701e339c2f3fb0ed360ff90a
    • Expiration: 01/01/2029 00:59:59 CET
  • CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB- [1_AAA.crt]
    • Serial number: 1
    • Expiration: 01/01/2029 00:59:59 CET

If you have any questions about this statement, please Open a ticket for us. the integrator support form indicating your query.

Published in

Subscribe to the AOC newsletter

Receive weekly doses of vitamins to move towards a digital government

Related entries

See all →
  • Registration entities idCAT and T-CAT ·
  • Digital identity
    • ...

Updated requirements for applying for theidCAT Certificate: everything you need to know

The idCAT A certificate is an essential tool for carrying out procedures with the administration in a secure and digital way. The requirements for obtaining it have recently been reviewed and updated, and...
  • Digital certification ·
  • Identity and digital signature

Prepare your 2025 Income Tax withidCAT Certificate

The 2025 Income Tax campaign begins on April 8 and will run until June 30. To file the tax return online, you must have a recognized digital certificate....
  • Digital identity ·
  • Identity and digital signature

Catalans abroad can obtain theidCAT Certificate with video identification

The Government of Catalonia, through the Open Administration of Catalonia (AOC) and with the support of the Departments of the Presidency and of the European Union and Foreign Action, has put...