As I said in my initial response, if you have a cert affected by this and you need to resolve it immediately you can rerun autossl it will detect the expired CA Root and regenerate the cert with the non-expired CA Root Certificate. The only issue with that was the fact that Sectigo became overwhelmed by the number of requests it was receiving. We have completed work on an AutoFixer script for this at this time that will automatically update the CA Root Cert on affected SSL certificates this can be run with the following:So, are you saying that all cPanel servers should have this resolved but now? ("This is related to a CA Root certificate expiring, and these issues should be resolved at this time.") I see no issues on my server's performance (in modern browsers), nor with AutoSSL, nor errors reported when running AutoSSL for all users, but I did notice when FTPS started to fail connections if the client didn't like the certificate chain having an expired cert in it. I can work around that, but isn't the issue of the expired cert in the chain still present? ( https://whatsmychaincert.com/?cpanel.net )
If so, would the solution be to change the cert chain on the server, or are we awaiting an upstream fix to resolve this?
If it is something we can do, where would it be done? (Home »Service Configuration »Manage Service SSL Certificates, Home »SSL/TLS »SSL Storage Manager, or ???)
Please give us clear advice as to whether and how we should take action or wait for an upstream solution.
Please let me know if there are still uncertainties on what you should or need to do to resolve this.