---
number: 28118
slug: 28118-digicert-no-longer-being-used-as-the-ca-for-supabase-http-apis
published: 2024-07-22
discussion: https://github.com/orgs/supabase/discussions/28118
labels:
  - security
  - breaking-change
page: https://supabase.com/changelog/28118-digicert-no-longer-being-used-as-the-ca-for-supabase-http-apis
---

# DigiCert no longer being used as the CA for Supabase HTTP APIs

Supabase HTTP APIs are [no longer using DigiCert](https://developers.cloudflare.com/ssl/reference/migration-guides/digicert-update/) as the root CA. This should have **no** impact on the vast majority of environments, as the other CAs in use are essentially universally trusted.

If your client environment only trusts certificates signed by DigiCert, you could be impacted. We're currently using Cloudflare to serve our HTTP APIs, and recommend ensuring that any client environment that only trusts a specific subset of CAs trusts [all of the CAs](https://developers.cloudflare.com/ssl/reference/certificate-authorities/) Cloudflare uses.