Let's Encrypt solved the certificate issue on older Android devices


Some weeks ago we shared here on the blog the news that Let's Encrypt (a non-profit, community-controlled certificate authority that provides certificates free of charge to everyone) had warned users of an imminent change in signature generation that would cause problems, in particular a loss of compatibility with approximately 33% of the Android devices in use.

This was because it had announced the transition to generating signatures using only its own root certificate, without a cross-signature from the IdenTrust certificate authority.

It was stated that as of January 11, 2021, the Let's Encrypt API would change so that, by default, ACME clients would receive certificates chaining to ISRG Root X1 without the cross-signature.

The Let's Encrypt root certificate was said to be compatible with all modern browsers, but it is only recognized from Android 7.1.1 onward, released at the end of 2016 (if you want to know more about that announcement, you can consult the post at the following link).

Now, however, Let's Encrypt has announced that the plan has been revised and that compatibility with older Android devices will be maintained for at least three more years.

The API change scheduled for January 11, which would have switched default issuance to certificates chaining only to the ISRG Root X1 root certificate without a cross-signature, has been postponed to June 2021.

We are pleased to announce that we have developed a way for older Android devices to retain their ability to visit sites that use Let's Encrypt certificates after our cross-signed brokers expire. We no longer plan any changes in January that could cause compatibility issues for Let's Encrypt subscribers.

At the same time, it was decided to offer, as an option, the possibility of requesting an alternative certificate, issued under the old cross-signing scheme, which preserves compatibility with devices whose root certificate store does not include the Let's Encrypt root.

The alternative certificate will be generated in late January or early February 2021 under an additional agreement with the IdenTrust certificate authority. In addition to chaining to Let's Encrypt's own ISRG Root X1 root certificate, it will be cross-signed using IdenTrust's DST Root CA X3 certificate.

The cross-signature will be valid for three years, which is shorter than the validity period of the primary root certificate, ISRG Root X1.

Since the cross-signature will expire before the signature from the main Let's Encrypt root certificate, problems similar to the incident caused by the expiration of the AddTrust root certificate, used for cross-signing in certificates from the Sectigo (Comodo) certificate authority, could occur.

Browsers handled the expiration of the AddTrust cross-certificate correctly, but it caused widespread failures on systems using OpenSSL and GnuTLS, even though Comodo's main root certificate was still valid and a chain of trust to the current certificate still existed.

To ensure that the new Let's Encrypt certificate does not create similar compatibility issues, IdenTrust and Let's Encrypt intend to have the implemented scheme reviewed by external auditors.

As a reminder, the root certificate owned by Let's Encrypt is compatible with all modern browsers, but it is only recognized from Android 7.1.1 onward, released at the end of 2016. According to the available statistics, only 66.2% of all Android devices run Android 7.1 or newer.

The remaining 33.8% of Android devices in use do not have the Let's Encrypt root certificate in their store; that is, they need a certificate additionally signed with a root certificate that older Android versions trust in order to keep working correctly. If you try to open a site whose certificate chains only to the Let's Encrypt root on one of those devices, an error will be displayed.
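The chain behaviour described above, as an added illustrative model (not Let's Encrypt's, IdenTrust's or any TLS library's code): certificates are reduced to subject, issuer and expiry, all dates and names are constructed for the example, and two validator strategies are compared, one that always walks the presented chain to its end (the behaviour that broke when the AddTrust cross-certificate expired) and one that stops at the first issuer already in the trust store.

```python
from dataclasses import dataclass
from datetime import datetime

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    not_after: datetime  # expiry

# Constructed sample chain modelled on the article (illustrative dates, not the real certificates).
CROSS = Cert("ISRG Root X1", "DST Root CA X3", datetime(2024, 2, 1))  # cross-sign, ~3-year validity
R3 = Cert("R3", "ISRG Root X1", datetime(2025, 9, 15))                 # Let's Encrypt intermediate
LEAF = Cert("example.org", "R3", datetime(2024, 12, 1))                # site certificate

CHAIN_WITH_CROSS = [LEAF, R3, CROSS]  # the "alternative" cross-signed chain
CHAIN_ROOT_ONLY = [LEAF, R3]          # the default chain after the API change

MODERN_STORE = {"ISRG Root X1", "DST Root CA X3"}  # knows the Let's Encrypt root, still has the old one
OLD_ANDROID_STORE = {"DST Root CA X3"}              # pre-7.1.1 Android: only the IdenTrust root

BEFORE_CROSS_EXPIRY = datetime(2023, 6, 1)
AFTER_CROSS_EXPIRY = datetime(2024, 6, 1)

def _path_ok(path, store, now):
    """Every certificate in the path is unexpired and the last one is issued by a trusted root."""
    return all(c.not_after > now for c in path) and path[-1].issuer in store

def validate_full_chain(chain, store, now):
    """Always walks the presented chain to its last certificate; this mirrors the
    behaviour that failed when the AddTrust cross-certificate expired."""
    return _path_ok(chain, store, now)

def validate_shortest_path(chain, store, now):
    """Stops at the first certificate whose issuer is already trusted, so the
    cross-sign is only relied on when the store lacks the Let's Encrypt root."""
    return any(c.issuer in store and _path_ok(chain[:i + 1], store, now)
               for i, c in enumerate(chain))

def report(now):
    """Verdicts for the situations the article discusses, keyed by (store, chain, validator)."""
    stores = {"modern": MODERN_STORE, "old_android": OLD_ANDROID_STORE}
    chains = {"cross": CHAIN_WITH_CROSS, "root_only": CHAIN_ROOT_ONLY}
    validators = {"full": validate_full_chain, "shortest": validate_shortest_path}
    return {(s, c, v): fn(chain, store, now)
            for s, store in stores.items()
            for c, chain in chains.items()
            for v, fn in validators.items()}

if __name__ == "__main__":
    for now in (BEFORE_CROSS_EXPIRY, AFTER_CROSS_EXPIRY):
        for key, ok in report(now).items():
            print(now.date(), key, "OK" if ok else "FAIL")
```

Running it shows the two effects the article describes: the old Android store only succeeds with the cross-signed chain and only until the cross-sign expires, while the full-chain validator fails on the modern store after that date even though ISRG Root X1 is trusted.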

Finally, if you are interested in learning more, you can check the details in the original announcement at the following link.

