If you have an old Android smartphone, be prepared for a nasty surprise next year: some sites will become inaccessible!
The problem concerns secure sites that control their access through a system of certificates. The society Let’s encrypt, whose certificates are used by around 30% of web domains, has just announced that its partnership with the company IdenTrust, which also provides certificates, will end in September 2021.
For now, the ISRG Root X1 certificates, from Let’s Encrypt, effective since 2016, and DST Root X3, from IdenTrust, much older and widely deployed, are interoperable, but this will no longer be the case next year.
This means that mobile devices that do not have the ISRG Root X1 certificate will no longer be able to connect to websites that use it. This is unfortunately the case with smartphones and tablets with Android 7.1 and earlier operating systems.
If the devices cannot be updated to a newer version of Android (7.1.1 or higher), the only solution to access the affected websites will be to use the Firefox browser. Indeed, this browser has its own certificate store, which includes the ISRG Root X1.
Source : Android Police