Upcoming Let’s Encrypt Update will Affect Android 7.0 and Earlier

You may have gotten a notice from Cloudflare or other DNS/hosting/SSL provider about roots and keys and SSL and other confusing terms, with a link to a Let’s Encrypt article: https://letsencrypt.org/2023/07/10/cross-sign-expiration.html

In a nutshell, this is related to encryption certificate policies changing this year that will cause compatibility issues on older devices. Essentially, websites using the Lets Encrypt SSL certificates will soon not have recognized SSL on Android devices running Android 7.0 (released in 2016) or earlier, as the trust certificates are hard-coded into the OS on older devices. This will kick in on May 15 of this year.

However, if there are any devices where this causes issues for website access, this can be circumvented by using the app “Firefox Mobile,” which uses its own trust store system instead of the one built into the OS.

Basically, as far as actionable steps are concerned, there isn’t anything we need to do here since this is managed by Cloudflare or your DNS provider. If there are any users that have trouble accessing your website through an older device, they will also have issues accessing a lot of other websites, and will need to either use Firefox Mobile or purchase a new device.

Thanks for reading

Leave a Reply

Your email address will not be published. Required fields are marked *