Extending Android Device Compatibility for Let's Encrypt Certificates

by msmithon 12/21/2020, 3:47:36 PM with 5 comments
  • by sradmanon 12/21/2020, 5:49:00 PM

    This impacts Android operating systems prior to 7.1.1:

    > IdenTrust has agreed to issue a 3-year cross-sign for our ISRG Root X1 from their DST Root CA X3. The new cross-sign will be somewhat novel because it extends beyond the expiration of DST Root CA X3. This solution works because Android intentionally does not enforce the expiration dates of certificates used as trust anchors.

  • by rektideon 12/21/2020, 8:15:34 PM

    So frustrating that an unmaintainable operating system was released into the world.

  • by highclasson 12/22/2020, 3:28:19 AM

    This is great news. This means many won't have to look to other alternatives for certs because of potential compatibility issues with old android devices.

  • by highclasson 12/22/2020, 3:27:31 AM

    This is great news. I also was worried about this issue.

  • by fomine3on 12/22/2020, 4:32:39 AM

    Great! I wish these old devices are dead after three years.