If you own an old Android smartphone, this might be the right time to upgrade since you’ll no longer be able to access a huge chunk of the web next year.
The Open Certificate Authority Let’s Encrypt has put out a warning stating that smartphones running versions below Android 7.1.1 Nougat will no longer trust certificates issued by the group starting in 2021. For those who don’t know, nearly 30% of web domains use digital certificates provided by Let’s Encrypt.
Back in 2015, the authority announced its root certificate ISRG Root X1. The certificate has been cross-signed with IdenTrust’s root certificate ‘DST Root X3’ and is used by several browsers and nearly all major operating systems.
Now, the cross-singing agreement between Let’s Encrypt and IdenTrust is expiring on September 1st, 2021. The group is unlikely to get into a new agreement. Moreover, Let’s Encrypt will cease cross-signing by default on January 11, 2021. Websites can generate cross-signed certificates, but they only have until September 2021.
This means that Android OS without Let’s Encrypt’s root certificate will not work with sites that use the group certificates.
“Some software that hasn’t been updated since 2016 still doesn’t trust our root certificate, ISRG Root X1. Most notably, this includes versions of Android prior to 7.1.1. That means those older versions of Android will no longer trust certificates issued by Let’s Encrypt.”
Let’s Encrypt notes that over 33.8 percent of Android users run versions older than 7.1.1. If you are one of them, it would be wise to update your device to the latest Android version. Of course, you will have to switch to a new Android device if the previous one no longer receives Android updates. Alternatively, you can use Mozilla Firefox, which has its own certificate store and includes the ISRG root.