If almost the entire internet works with HTTPS protocol, in 2021 a good part of it will stop working due to the end of the agreement between Let’s Encrypt, one of the largest certification authorities on the planet, and IdenTrust – mainly websites open on Android devices. .
HTTPS is a protocol that inserts a protection layer in the data transmission between a computer and the server. On sites with this address, the communication is encrypted, significantly increasing security.
When it came out, Let’s Encrypt asked that its own ISRG Root X1 root certificate be included in browsers and operating systems. All the certificates she issued were also signed with IdenTrust’s DST Root X3 – present on Windows, macOS, Android and many other software platforms.
The partnership, however, ends on September 1, 2021, but Let’s Encrypt will stop signing new SSL certificates with the root ‘ISRG Root X1’ on January 11. The practical result is that, if the right certificates are not installed on your device, some websites will not be able to open – and there is a good chance that this will happen with those that run the Google operating system.
According to a statement from Let’s Encrypt, “Android has an old and well-known problem with operating system updates. Currently, 66.2% of Android devices are running version 7.1 or higher. ”
Therefore, “the remaining 33.8% of Android devices will start showing security errors when users visit sites certified by us. This represents about 1% to 5% of traffic from all sites. Hopefully, these numbers will be lower when DST Root X3 will expire in 2021, but the change may not be very significant. ”
One solution would be to use Mozilla Firefox, whose native certificate store includes the root ISRG.