The intermediate certificate authority (trust chain) for Akamai-managed OV certificates from DigiCert is changing on March 1, 2022, or later.
There are no changes to the trust chains for the following Akamai-managed certificates:
- GeoTrust OV
- Let’s Encrypt DV
- DigiCert EV
See SSL/TLS certificate chains for Akamai-managed certificates for details.
Akamai does not recommend that customers pin, or hard-code, any part of the SSL/TLS certificates or their trust chains in applications or client software. If your applications are sensitive to the trust chain changes, our recommendation is to use third-party certificates in our Certificate Provisioning System (CPS) and get certificates from a certificate authority (CA) whose policies are aligned with your business and product goals. You may also perform a ‘Force early renewal’ before change to keep the current trust chain for another 12 months. Remember that the new certificate must be issued before the trust chain change.
Any change made to the certificate after March 1, 2022 (such as a SAN modification or renewal) will result in a certificate issued by the new chain. In any case, please ensure that you enable ‘Always Test on Staging’ in CPS.
Our selection of root certificates does not change often, however intermediate certificates in each trust chain are subject to change without notice.