Older Android smartphones have bad cards in 2021: Starting in 2021, websites will exclude millions of devices due to outdated certificates. We’ll tell you if your Android phone is affected – and what options you now have as a user.
If you and your friends use older Android smartphones, you may want to consider upgrading. Starting in September 2021, HTTPS-protected websites will exclude devices with Android version 7.1.1 (Nougat) or older due to new certificates.
Certificates secure encrypted connections between certain websites and your Internet browser. However, according to the blog Android Police, the non-profit certificate service “Let’s Encrypt” has now announced that older Android smartphones with versions older than 7.1.1. no longer trust their root certificates from 2021 on.
The problem is that “Let’s Encrypt” is considered one of the world’s leading certification authorities for websites. About one third of all domains use their services, and accordingly many secure websites will no longer allow older Android devices.
Older Android smartphones cannot work with the new root certificate
“Let’s Encrypt” has so far worked with the Iden Trust Group and operated with a root certificate. This will expire on September 1, 2021.
For most operating systems this is no problem, because they can work with the new own root certificate of “Let’s Encrypt”. Android is not one of them, however.
Smartphones with Android 7.1.1. or older will therefore no longer receive updates for the certificate store. However, if the root certificate is invalid, websites can no longer check the validity of a current TLS certificate.
As a result, access to the corresponding site is blocked. “Let’s Encrypt” is also not in the position to provide a solution for older Android smartphones.
The manufacturers of the Android devices would have to publish a software update themselves, so that older smartphones and tablets receive new root certificates.
Mozilla Firefox for older Android smartphones
An obvious option for users with older Android smartphones is, of course, to buy a new device as soon as possible. But you can also do something else.
The mobile browser of Mozilla Firefox has its own certification memory. It should already support the new root certificate of “Let’s Encrypt”.
Alternatively, you can download the Firefox browser from the Google Play Store. But this won’t help you with encrypted connections that Android apps create with their own servers. These servers in turn access the root certification store of Android.
Some websites will no longer be accessible after 11 January 2021
Some websites will no longer be accessible for Android users with older devices after January 11, 2021. This is because “Let’s Encrypt” will issue new certificates from that date on, which will refer to the new root certificate.
As a site operator, however, you still have the possibility to create a link to the old root certificate with the help of the Cerbot tool. Then the websites will continue to be accessible via older Android smartphones for the time being.