There are many people who boast that they don’t need an updated smartphone – they can make do with their old one. If it’s an Android, though, they may be forced into buying a new phone next year. Old Android versions prior to 7.1.1 Nougat will no longer work with many secure websites.
Change in Certification on Android
Recently, The non-profit organization Let’s Encrypt announced that on September 1, 2021, it’s partnership with certification authority IdenTrust will end. It will not be renewing the partnership and will instead be using its own root certificate. Default cross-signaling for IdenTrust’s certificate will stop on January 11.
This will lead to some secure websites not being compatible with old Android versions, meaning they will not work. Users will get certificate errors when trying to visit those websites. This will be a problem for the 33.8 percent of Android users who are still using Android versions prior to 7.1.1 Nougat.
Solutions for Avoiding the Certificate Error
The first solution if you’re concerned about accessing secure websites on your old Android phone is obvious: buy a newer phone. But Let’s Encrypt has also recommended using Firefox to solve most of the problem.
“For an Android phone’s built-in browser, the list of trusted root certificates comes from the operations system – which is out of date on these older phones,” explained the organization.
“However, Firefox is currently unique among browsers — it ships with its own list of trusted root certificates. So anyone who installs the latest Firefox version gets the benefit of an up-to-date list of trusted certificate authorities, even if their operating system is out of date.”
That will take care of your browser needs, but you also may have certificate errors when using other apps on your old Android, and in that case, you may be stuck buying that new phone you’ve been trying to avoid.
If you opt to download Firefox to try to view secure websites on your old Android, you may want to read up on what DNS over HTTPS is and whether it makes Mozilla an “Internet Villain.”