Hi all,
Let’s Encrypt have announced that they will change the root certificate for newly issued SSL certificates on the 29th of September, 2020. This is because their present root certificate will expire in a few years. As their certificates have a lifetime of 90 days, the last ones with the old root will be gone by the 28th of December, 2020.
This will mean that web services using Let’s Encrypt for encryption will no longer be reachable on older devices. It will affect the Android browser, Google Chrome, and other apps for online services if the server/website which it is contacting has a Let’s Encrypt certificate. This will affect Android below 7.1.1, which means all FP1, and any FP2’s that are still on Android 5/6.
Note that many of the affected websites and apps may already have stopped working before as a result of the end of support for TLS 1.0/1.1 by many websites in the past few years.
The good news: Firefox is, again, not affected. It uses its own certificate store on all operating systems. I don’t know the situation for the Firefox forks used by many Fairphoners, but there’s a good chance that they’ll work too as they were not affected either when TLS 1.0/1.1 got dropped.
If your favourite app has a browser-based version, you will probably still be able to use Firefox (or a derivative of it) to connect to it.
EDIT: If you want to know how your browser will respond to this, please open https://valid-isrgrootx1.letsencrypt.org/.
