Post Syndicated from original https://lwn.net/Articles/836497/rss
As described in this Let’s
Encrypt blog entry, certificates issued by Let’s Encrypt will soon be
signed solely by that organization’s own root certificate, which is
accepted by all modern browsers. There is one little catch, though:
versions of Android prior to 7.1.1 (released in late 2016) do not recognize
that certificate and will start throwing errors. “Currently, 66.2%
of Android devices are running version 7.1 or above. The remaining 33.8% of
Android devices will eventually start getting certificate errors when users
visit sites that have a Let’s Encrypt certificate. In our communications
with large integrators, we have found that this represents around 1-5% of
traffic to their sites.” There appears to be little to be done
about this problem other than to encourage owners of older Android devices
to install Firefox.