The approaching expiration of a root certificate used for its X.509 certificates is a headache for the Certificate Authority (CA) Let’s Encrypt. In 2021, more than half a billion users of Android versions prior to 7.1.1 could find that apps, as well as browsers, refuse to connect to websites secured with Let’s Encrypt’s free SSL/TLS certificates and show a TLS security warning instead.
A current Let’s Encrypt blog post deals with the consequences of the certificate expiring on September 21, 2021 and with the move to Let’s Encrypt’s own root certificate, which begins in January.
Switch to own root certificate from January 2021
According to Let’s Encrypt, about 220 million sites currently use the free, domain-validated certificates. A separate Let’s Encrypt root certificate (“ISRG Root X1”) has been available for years and, from January 11, 2021, will be used by default in place of the previous IdenTrust cross-signature to issue the certificates, which are valid for 90 days. From that point on, error messages can be expected when browsing many websites, because the aforementioned root certificate never arrived on old Android versions.
As a short-term bridge, an alternative intermediate certificate will be offered from January 2021 for server operators who want to continue using the previous IdenTrust root certificate “DST Root X3” until it expires on September 21, 2021. Server operators must explicitly request this intermediate certificate through a parameter in their ACME client; otherwise, all Let’s Encrypt certificates newly issued from January 11, 2021 will carry Let’s Encrypt’s own root certificate in their certificate chain.
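To make the chain-building logic behind these two choices concrete, here is an added toy model of certificate validation against a device trust store. It is not Let’s Encrypt’s code and not a real validator: it checks only subject/issuer links, expiry dates and the presence of a trust anchor, with no key material or signatures. The intermediate name “LE Intermediate”, the hostname “example.com” and the far-future expiry dates are placeholders; only the switch date, the DST Root X3 expiry and the 90-day leaf lifetime are taken from the article.

```python
"""Toy model of X.509 chain building against a device trust store.

Constructed example for this article, not Let's Encrypt's code and not a
real validator. It shows why a chain that ends at Let's Encrypt's own root
(ISRG Root X1) fails on Android versions that never received that root,
and why the alternate chain via IdenTrust's DST Root X3 only helps until
that root expires.
"""
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    not_after: date  # expiry date; validity start is ignored in this toy


# Dates and lifetimes as stated in the article
SWITCH_DATE = date(2021, 1, 11)          # new default chain from this day
DST_ROOT_X3_EXPIRY = date(2021, 9, 21)   # expiry as given in the article
LEAF_LIFETIME = timedelta(days=90)

# Placeholder expiry for long-lived certificates (not a real value)
FAR_FUTURE = date(2035, 1, 1)

DST_ROOT_X3 = Cert("DST Root X3", "DST Root X3", DST_ROOT_X3_EXPIRY)
ISRG_ROOT_X1 = Cert("ISRG Root X1", "ISRG Root X1", FAR_FUTURE)

# "LE Intermediate" is a hypothetical name. The same intermediate exists in
# two variants, each signed by a different root; the placeholder lifetime
# keeps the root's expiry, not the intermediate's, as the visible failure.
INTERMEDIATE_ISRG = Cert("LE Intermediate", "ISRG Root X1", FAR_FUTURE)
INTERMEDIATE_DST = Cert("LE Intermediate", "DST Root X3", FAR_FUTURE)

# Trust stores keyed by subject. Per the article, pre-7.1.1 Android never
# received ISRG Root X1; modern systems and Firefox's own store have it.
OLD_ANDROID_STORE = {c.subject: c for c in (DST_ROOT_X3,)}
MODERN_STORE = {c.subject: c for c in (DST_ROOT_X3, ISRG_ROOT_X1)}


def _as_date(d):
    """Accept a date or an ISO string such as '2021-02-15'."""
    return d if isinstance(d, date) else date.fromisoformat(d)


def issue_leaf(issued_on, hostname="example.com"):
    """A 90-day leaf certificate signed by the hypothetical intermediate."""
    return Cert(hostname, "LE Intermediate", _as_date(issued_on) + LEAF_LIFETIME)


def chain_for(issued_on, prefer_dst_root=False):
    """Chain an ACME client receives: the DST Root X3 chain before the switch
    date or when explicitly requested, the ISRG Root X1 chain otherwise."""
    issued_on = _as_date(issued_on)
    use_dst = prefer_dst_root or issued_on < SWITCH_DATE
    return [issue_leaf(issued_on), INTERMEDIATE_DST if use_dst else INTERMEDIATE_ISRG]


def validate(chain, trust_store, today):
    """Walk from the leaf towards a trust anchor; return 'ok' or the reason."""
    today = _as_date(today)
    if not chain:
        return "empty chain"
    prev = None
    for cert in chain:
        if prev is not None and prev.issuer != cert.subject:
            return f"broken chain: {prev.subject} not issued by {cert.subject}"
        if cert.not_after < today:
            return f"expired: {cert.subject}"
        anchor = trust_store.get(cert.issuer)
        if anchor is not None:
            # Simplification: an expired anchor is treated as untrusted.
            if anchor.not_after < today:
                return f"trust anchor expired: {anchor.subject}"
            return "ok"
        prev = cert
    return f"no trusted anchor for issuer {chain[-1].issuer}"


def outcome_table(issued_on, today):
    """Results for both chains on both device classes at one point in time."""
    stores = {"old Android": OLD_ANDROID_STORE, "modern": MODERN_STORE}
    chains = {"default": chain_for(issued_on), "alternate": chain_for(issued_on, True)}
    return {(c, s): validate(chain, store, today)
            for c, chain in chains.items() for s, store in stores.items()}


if __name__ == "__main__":
    for issued, today in [("2021-02-01", "2021-02-15"), ("2021-09-01", "2021-10-01")]:
        print(f"issued {issued}, checked {today}")
        for (chain_name, store_name), result in outcome_table(issued, today).items():
            print(f"  {chain_name:9s} chain on {store_name:11s}: {result}")
```

Running the script shows the two windows the article describes: between the January switch and the September expiry the alternate chain keeps old Android working while the default chain already fails there, and after DST Root X3 expires the alternate chain fails everywhere, leaving ISRG Root X1 in the trust store as the only way to validate.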
Users of old Android versions are mainly affected
In general, the expiration of DST Root X3 and Let’s Encrypt’s change to its own root certificate cause problems for devices whose browsers and operating systems have not seen updates since early 2016. According to Let’s Encrypt, this affects most users of Android versions older than 7.1.1.
There are not just a few of them: according to the distribution figures shown in Google’s Android Studio IDE, almost 34 percent of all Android devices still run one of these versions. With an estimated 2.5 billion active Android systems worldwide, approximately 850 million devices would be affected by the expired IdenTrust certificate.
However, in the blog post, the Let’s Encrypt team points out that apparently not all of these systems are (regularly) used for browsing: according to operators of major websites, these outdated Android versions, whose use on networks is generally a security risk in any case, account for only up to 5 percent of total traffic.
Unsatisfactory solutions for Android users
For Android users who cannot or do not want to upgrade to newer versions (or to more up-to-date devices), there are only unsatisfactory solutions. Let’s Encrypt recommends installing Firefox for Android on these systems, as this browser ships its own list of trusted root certificates and trusts the Let’s Encrypt CA. This strategy works for website visits in the browser, but not for apps that still rely on the CA certificates stored by the Android system.
Equipping affected devices with newer, reliable root certificates (including ISRG Root X1) as part of an upgrade to at least Android 7.1.1 is a way out that only the respective device manufacturers can provide, because Google Play Services cannot update Android’s store of known CA certificates.
On a special Let’s Encrypt test website, users of old Android systems can now check for themselves, with the device’s built-in browser, whether Let’s Encrypt’s newer CA certificate works on their own device.
Let’s Encrypt wants to become more independent
The root certificate that expires next year was only ever intended as a stopgap: when Let’s Encrypt was launched five years ago, the initiative soon released its own root certificate, ISRG Root X1. It was foreseeable that it would take some time for browsers and operating systems to accept it as trusted. That’s why Let’s Encrypt brought the Certification Authority (CA) IdenTrust on board, with its DST Root X3 certificate that was already present in the leading web browsers and in Windows, macOS, iOS and Android.
According to the blog post, Let’s Encrypt does not want to solve the current problem with a new cross-signature: it finally wants to stand on its own two feet and rely solely on its own root certificate in the future. Let’s Encrypt wants independence from other CAs and does not see itself as responsible for repeatedly finding workarounds for the fragmented Android platform. For the first time, the ball is now in Google’s court: the company operates its own root CAs and is also one of the main sponsors of the Let’s Encrypt initiative.