SSL-certified sites are important because they protect malicious individuals from snooping user data in transit.by Report from Google, 95% of traffic is now encrypted over the network.
Let’s Encrypt is one of the institutions that issues these HTTPS certificates to a site to ensure that traffic to that website follows a secure route.The organization has issued more 1 billion certificates It currently serves more than 192 million sites.
Due to multiple certificate authorities, some sites may have compatibility issues if your browser or app does not support a particular certificate. Android users with devices running version 7.1.1 or earlier may soon face the issue.
When Let’s Encrypt was born in 2015, apart from its own root certificate Mutual signing certificate from Iden Trust, Another certificate authority.
However, the partnership between these two entities will end on September 1, 2021, and Let’s Encrypt will only use its own certificate to validate the site. Let’s Encrypt has taken preemptive measures and has changed the API to use its own certificate by default since January 11th.
This causes issues on older platforms such as devices running Android 7.1.1 or earlier. It has not been renewed to accept Let’s Encrypt root certificates and relies on mutual signatures from institutions such as IdenTrust.
However, this creates compatibility issues. Some software that has not been updated since 2016 (when the root was accepted by many root programs) does not yet trust the root certificate ISRG root X1. In particular, this includes versions of Android prior to 7.1.1. This means that these older versions of Android will no longer trust the certificate issued by Let’s Encrypt.
According to statistics obtained from Android Studio by a certificate authority Over 34% of Android devices It is running worldwide with version 7.1 and earlier. And since January, many sites and apps may face compatibility issues with these devices.
So Android police The workaround for this issue is to install and use Mozilla’s Firefox browser on these devices. This is because Mozilla uses its own list of root certificates to validate the site. For clarity, apps that rely on older certificates will not be able to take advantage of this fix.
You can read more about the Let’s Encrypt announcement here..
Published November 9, 2020 — 08:19 UTC