On March 12th at 00:00 UTC, New Relic will initiate a proactive testing window where endpoints will temporarily transition to the DigiCert G2 root certificate. This event is designed to support customers in proactively identifying impacted systems ahead of the permanent root certificate update scheduled for April 2nd (UTC).
This aligns with an industry-wide security change. On April 15th, 2026, major browser trust stores and security authorities will officially distrust the legacy DigiCert G1 Root Certificate. To maintain its strong continued security posture, New Relic is updating its infrastructure to utilize modern root certificates prior to this deadline.
Most modern systems and agents are designed to handle this change automatically. If your systems do not recognize and trust these newer root certificates when the update is applied, the secure handshake will fail and would result in a telemetry data drop, meaning your metrics, events, traces, and logs may stop reporting to the New Relic platform. This risk is primarily associated with legacy Java agents (older than v6.4.2), certain Docker images, and systems using pinned certificates.
