Despite the activity of smartphone manufacturers in translating their devices to new versions of Android, many models are “stuck” on old revisions of the operating system. The inability to update may soon become a serious problem for users of such gadgets, who will lose access to a number of websites at the beginning of next year.
One of the world’s leading certification authorities Let’s Encrypt, whose services are used by about 30% of all domains in the global network, already in January 2021 switches to the generation of signatures using only its root SSL certificate. ISRG Root X1 was previously cross-signed with the IdenTrust DST Root CA X3 intermediate certificate with support for most operating systems, however, after the expiration of this agreement, outdated browsers and OS will no longer work with sites using Let’s Encrypt certificates.
In practice, this means that gadgets running Android 7.1.0 or earlier version of the Google mobile OS will not be able to load sites signed with the ISRG Root X1 certificate. According to statistics, the problem will affect approximately 33.8% of mobile devices on the market.
“Some software that hasn’t been updated since 2016 still doesn’t trust our root certificate, ISRG Root X1. In particular, this includes Android versions up to 7.1.1, ”said Let’s Encrypt representatives.
As an alternative to buying a new smartphone, owners of outdated models can use the Mozilla Firefox browser, which is capable of storing root certificates on its own. However, only users of Android 5.0 and newer revisions of the “green robot” will be able to install it.