Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
Let's Encrypt SSL will no longer support Android OS prior 7.1
New on LowEndTalk? Please Register and read our Community Rules.

Let's Encrypt SSL will no longer support Android OS prior 7.1

As of January 11, 2021, we’re planning to make a change to our API so that ACME clients will, by default, serve a certificate chain that leads to ISRG Root X1

However, this does introduce some compatibility woes. Some software that hasn’t been updated since 2016 (approximately when our root was accepted to many root programs) still doesn’t trust our root certificate, ISRG Root X1. Most notably, this includes versions of Android prior to 7.1.1. That means those older versions of Android will no longer trust certificates issued by Let’s Encrypt.

Whether you need to run a banner asking your Android users on older OSes to install Firefox, stop supporting older Android versions, drop back to HTTP for older Android versions, or switch to a CA that is installed on those older versions.

Source: https://letsencrypt.org/2020/11/06/own-two-feet.html

Your thought on this?

Comments

  • There is still more than 12% using older versions Android
    https://gs.statcounter.com/android-version-market-share/mobile-tablet/worldwide

  • Looks like I'll have to send new tablets to my website visitors.

    Thanked by 2niceboy chip

    https://yoursunny.com/ stallion coder; push-up specialist
    Using boxes from Spartan Host, SmartHost, Gullo, Evolution Host, Virmach, summer-host.

  • My tv box is android 7 i believe.

    I came, I saw, I record the world burn.

  • ChocowebChocoweb Member
    edited November 12

    We still have BuyPass (6-month single domain) & Sectigo (3-month wildcard from ZeroSSL, TrustOcean CrazySSL, etc.)

  • Can't a Android user just install the new certificate?

  • @NewToTheGame said:
    Can't a Android user just install the new certificate?

    Not supported by the browser itself

  • 10TB10TB Member

    @NewToTheGame said:
    Can't a Android user just install the new certificate?

    They can use Firefox but still it can be problematic

  • @Jorbox said:

    @NewToTheGame said:
    Can't a Android user just install the new certificate?

    Not supported by the browser itself

    But supported by the OS and it is fairly easy to import a root certificate.

  • rm_rm_ Member
    edited November 12

    @Chocoweb said: We still have BuyPass (6-month single domain)

    BuyPass already doesn't work on old Android right now, let alone in 2021.

    Did not check ZeroSSL, it fails to provide a cert with the "dehydrated" client.

  • @rm_ said:

    @Chocoweb said: We still have BuyPass (6-month single domain)

    BuyPass already doesn't work on old Android right now, let alone in 2021.

    Did not check ZeroSSL, it fails to provide a cert with the "dehydrated" client.

    Try acme.sh

  • jsgjsg Member

    Let's encrypt and Android ... the perfect marriage, Hahaha

    Thanks no.

  • Hope my visiter are using the last Android version

  • @rm_ said:

    @Chocoweb said: We still have BuyPass (6-month single domain)

    BuyPass already doesn't work on old Android right now, let alone in 2021.

    Did not check ZeroSSL, it fails to provide a cert with the "dehydrated" client.

    BuyPass runs on Android 5.1 and up. I tested it myself.

    Thanked by 1Chocoweb
Sign In or Register to comment.