No, in 2021 you won’t have to upgrade to a newer Android-Phone due to a security certificate

Some weeks ago Let’s Encrypt announced that a partnership between them and IdenTrust will expire in 2021. This will result in difficulties when visiting websites and using certain apps with older Android-Phones (Android 7.1 and older). As of now, IdenTrust’s “DST Root X3” certificate allowed a cross-signing with Lets Encrypt’s own certificate “ISRG Root X1". This is due to security concerns as any security issue of these two certificates becomes also an issue for the other certificate. Hence, the title for Let’s Encrypts announcement “Standing on our own two feet”.

For several weeks now I am crossing articles that say that users of older Android-Smartphones will have to upgrade to newer smartphones. I wonder why, because it’s no big deal to install a security certificate yourself. If you download it from Let’s Encrypt’s website, you are safe.

It sounds like either bad research or even nudging that tech media all recommend you to buy new smartphones. At least Let’s Encrypt itself should have known how easy it is. All they did mention in their blog post is that installing Firefox is a way to work around this as Firefox comes with its own deposit of certificates. However, you would still have trouble with a lot of apps as they often require certificates to.

If you downloaded the certificate, here is how to install it:

[Settings] → [Security & privacy] → [More settings] → [Encryption and credentials] → [Install from storage].

(This is the path in Android 9, maybe the path is a bit different in older Android versions — like [Advanced settings] or [Security settings]

That’s it, no big deal. If you love your old Android smartphone, you will not have to replace it in 2021 — at least not due to some security certificates.

Tech-Blogger @mobilegeeks.de - topics: privacy, software, startups. Based in Cologne, Germany.