USERTrust Intermediate Expiration in 2020

USERTrust Intermediate Expiration in 2020

The USERTrust RSA Certification Authority intermediate certificate expires on May 30, 2020 at 03:48 Pacific Daylight Time. This is an old intermediate certificate and modern operating systems have a new version available and won't be affected. When this certificate expires, operating systems without a new version of it will consider all InCommon certificates as "untrusted."  We don't expect very many people to be affected by this.

Checking if you're affected

If your equipment trusts a root certificate with a subject CN of "USERTrust RSA Certification Authority" and an expiration date of January 18, 2038, it is not affected.  If you can't view the root certificates on your equipment, contact the manufacturer and see if they can provide you a list of trusted root certificates.  

A list of exactly which operating systems and devices will be affected is not available.  We've been able to make some educated guesses about what might be affected, but this information is not exhaustive or verified.  If you have critical systems you should not rely on this information--check with the manufacturer or check yourself (if possible).  Instructions on how to do this are at the end of this section. 

Based on what we know, equipment released or receiving security updates after June 2010 will most likely not be affected.  Specific examples include:

  • Windows XP and later (XP was released in 2001 but received security updates through 2014)
  • Mac OS X Snow Leopard and later (Snow Leopard was released in 2009 but received security updates through 2013)
  • All iPhones

The following equipment may stop recognizing InCommon certificates after May 30, 2020:

  • Android or other phones made before 2010
  • Mac OS Leopard or earlier
  • Embedded devices (especially copy machines) made before June 2010.