Websites secured by Let’s Encrypt will no longer work on older versions of Android from 2021.
Problems accessing secure websites from 2021
Let’s Encrypt, one of the major certification authorities in the world, announces the end of its initial partnership with IdenTrust as of September 1, 2021. The group explains that it does not wish to renew the cross signature with IdenTrust because it has issued meanwhile its own root certificate (ISRG Root X1) and has requested that it be trusted by the software platforms: Windows, Firefox, macOS, Android and iOS.
Let’s Encrypt explains that “this introduces compatibility issues. Some software that has not been updated since 2016 still does not trust our ISRG Root X1 root certificate. Most notably, this includes versions of Android prior to 7.1.1. This means that these older versions of Android will no longer trust certificates issued by Let’s Encrypt. ” Although the agreement with IdenTrust ends in September 2021, let’s encrypt stop cross default signature from 11 January 2021.
More than a third of affected Android devices
Let’s Encrypt points out that 33.8% of Android devices are running version 7.1 or earlier, and will therefore be impacted by this change. They will encounter certificate errors and will no longer be able to visit many websites secured by Let’s Encrypt from 2021.
Owners of older versions of Android will therefore have to update their phone if they do not want to be faced with this type of problem or to get a newer one compatible with the latest Android 11 update .
What solution for owners of old Android phones?
The only solution offered by Let’s Encrypt is to install Firefox Mobile, which supports Android 5.0 and above. The CA states that Firefox is currently the only browser that comes with its own list of trusted root certificates.
Let’s Encrypt explains that therefore “anyone who installs the latest version of Firefox benefits from an up-to-date list of trusted certification authorities, even if their operating system is outdated.” This might fix mobile browsing issues, but users might still experience certificate errors on phone apps.