Due to a recent update by Letsencrypt, their root certificate Identrust-DST-Root-CA-x3 will not be valid from 30th September 2021. If you are using a custom domain for your accounts, your users on older OS/browser versions might face connection issues.

What you need to do:


  1. Check if you are impacted: Find out if you are impacted using the link here. If the page loads without any issues, then no action is expected from you. If not, you will have to update your OS / Browser versions based on the requirements listed below. 

  2. Update your OS/Browser versions if you are impacted: You will see a "Connection Not Secured" error caused by the Let'sEncrypt root certificate "Identrust-DST-Root-CA-x3" expiry if you do not update your browsers / OS. 


The following table lists the affected OS and browser combinations, along with possible solutions. 

Operating System

Browser

Affected / Freshservice Supported

Possible Solution

Windows >= 7

Mozilla Firefox < 50

Affected

Upgrade to Mozilla Firefox > 50

Windows >= 7*


*assuming Automatic Root Certificate Update isn't manually disabled


Any Other Browser

Not Affected

NA

Windows < 7

Any Browser

Not Supported

1. Use Mozilla Firefox > 50

OR

2. Upgrade to Windows >=  7

macOS > 10.9

Mozilla Firefox < 50

Affected

Upgrade to Mozilla Firefox > 50

macOS > 10.9

Any other Browser

Affected

1. Use Mozilla Firefox > 50

OR

2. Manually add ISRG X1  Root Certificate: Link

OR 

3. Upgrade to macOS > 10.12.1

macOS < 10.9

Any Browser

Not Supported

1. Use Mozilla Firefox > 50

OR

2. Manually add ISRG X1  Root Certificate: Link

OR 

3. Upgrade to macOS > 10.12.1

macOS > 10.12.1

Mozilla Firefox < 50

Affected

Upgrade to Mozilla Firefox > 50

macOS > 10.12.1

Any other Browser

Not Affected

NA

Android < 7

Any Browser

Not Supported

Android >= 2.3.6 will work.

If not, Upgrade to Android 7 or above

Android > 7.1.1

Any Browser

Not Affected

NA

IOS < 10

Any Browser

Not Supported

Upgrade to IOS > = 10

IOS > = 10

Any Browser

Not Affected

NA



FOR MAC OS 

Note: If your operating system is MACOS < 10.9 (Mavericks), we request you upgrade to the latest OS. 

Scope

Affected OS Version 

Affected Browser Version

Affected OS

MacOS < 10.12.1

Firefox < 50. Firefox stores its built-in cert store. So we recommend that you update your Firefox to the latest version.


Affected OS supported by Freshworks 

OS X 10.9    Mavericks    

OS X 10.10    Yosemite    

OS X 10.11    El Capitan


Other Browsers like chrome, safari, etc., use their operating systems certificate store. So ensure the OS is upgraded to the latest version.


Procedure to Add ISRG X1 root certificate:


  • If you face the "Your connection is not private" error while accessing the portals, here is what you have to do.

     


  • Visit the Let's encrypt home site and download the ACTIVE version of the ISRG Root X1 Certificate. (Pem format) 



  • After you download the certificate, go to the keychain Access



  • Select File > Import Items. Navigate to the file downloaded. Select System as "Destination Keychain."




  • Enter password where-ever prompted.

  • Logoff to take effect.

  • On some Mac OS versions, you need to do the following:

    • Right-click on the certificate in Keychain Access and select Get Info

    • Expand the Trust section

    • Under When using this certificate, choose Always Trust.

For Windows:


If your operating system is Windows XP < SP3, upgrade to the latest OS to access the portal using a secure connection.


Scope

Affected Version

Affected Browser Version

Affected OS

Windows XP < Sp3

Firefox < 50. 

Firefox has its built-in cert store. It is recommended to update Firefox to the latest version.

Other Browsers like chrome, safari, etc., use their operating systems certificate store. So ensure the OS is upgraded to the latest version.

Affected OS supported by Freshservice 

N/A


NoteFreshservice recommends using Windows 7 or higher with Automatic Root Certificate Update enabled to use our portals securely.