Sectigo has announced an important change affecting the re-issuance of SSL/TLS certificates. Beginning January 1, 2026, Sectigo will no longer support the re-issuance of certificates using legacy (older) trust chains. All reissued certificates will instead be issued only under current, modern chains. Who Is Affected? This change primarily affects Microsoft server environments where some end-users are still using outdated operating systems or devices. In rare cases, these legacy systems do not trust Sectigo’s newer root certificates, which can cause trust warnings or connection failures. Previously, administrators could work around this issue by re-issuing the certificate with an older, cross-signed chain. However, Microsoft systems may not always honour this workaround — particularly when a shorter, but untrusted, chain path exists. In these environments, the client may ignore the cross-signed chain and…