A New Let’s Encrypt Certificate Will Break Part Of The Web For Older Android Versions In 2021

Let’s Encrypt, the free SSL certificate provider used by over 100 Million websites including this one announced that a root certificate its service uses, provided by IdenTrust, is set to expire on September 1, 2021.

The non-profit certificate authority is ready for the expiration and will use its own root certificate going forward. Let’s Encrypt’s new root certificate called ISRG Root X1 is on supported on devices running Android versions prior to 7.1.1 (Nougat). Meaning millions of devices running these older Android version will not be able to connect to websites with Let’s Encrypt SSL certificates. In a way this way breaks the web for these Android device.

A workaround for users of these older Android versions is to install Firefox Mobile as that browser runs a certificate store that is updated independently from Android, and includes Let’s Encrypt’s new root cert. However, while Firefox Mobile will allow web browsing other Android applications that connect website’s to pull data still won’t be able to connect to servers using the new Let’s Encrypt root cert.

To help mitigate these problems, Let’s Encrypt is going to make it possible for webmasters to serve an alternate cross signed certificate chain leading to the old root certificate as a temporary solution.

Leave a Reply

Your email address will not be published.