Let’s Encrypt is introducing several updates to the certificates we issue, including new root certificates, the deprecation of TLS client authentication, and shortening certificate lifetimes. To help roll out changes gradually, we’re making use of ACME profiles to allow users to have control over when some of these changes take place. For most users, no action is required. Let’s Encrypt has generated two new Root Certification Authorities (CAs) and six new Intermediate CAs, which we’re collecti...