Let’s Encrypt Warns Android 7 and Older Versions Will No Longer Work Starting February 8, 2024
Let’s Encrypt, the popular certificate authority, has returned to the problem of old Android devices, which was first discussed in 2020. The service was launched with the goal of making sure that Let’s Encrypt certificates were widely trusted. To do this, the company organized a cross-signing of intermediate certificates with IdenTrust DST Root X3, so that all indirectly issued certificates would also be trusted, even if the company’s own ISRG Root X1 was not yet trusted.
However, the intermediate cross-signed certificates, as well as the partnership between Let’s Encrypt and the IdenTrust organization, were expiring at the end of 2021, and there were no plans to renew it. This posed a problem, as more than a third of all Android devices were still running older versions of the OS, which could suddenly stop trusting sites using Let’s Encrypt certificates.
To prevent a global failure, the company organized a new cross-signature, which was supposed to last longer than the DST Root CA X3 itself. This temporary measure allowed older Android devices to continue trusting the company’s certificates for another three years. However, the deadline again expires on September 30, 2024.
Since the percentage of Android devices that trust ISRG Root X1 has grown from 66% to 93.9%, and is expected to increase further with the release of Android 14, which will allow root certificates to be updated without a full OS update, Let’s Encrypt has decided to phase out the old cross-signature between February 8, 2024 and September 30, 2024. This means that owners of older devices running Android 7 and older versions of the operating system will have problems accessing sites secured with Let’s Encrypt certificates.
The developers recommend installing and using Firefox Mobile, which uses its own trust store instead of the Android OS trust store and therefore trusts ISRG Root X1. Site owners who may notice a drop in traffic in the second and third quarters of 2024 are advised to give their visitors the same advice: use Firefox Mobile or upgrade their device.