[German]Let's Encrypt currently warns that its (old) root certificate will expire on September 1, 2021. There are successor certificates, but older software may have problems. In particular, Android devices prior to 7.1.1 will eventually not be able to access https websites if they are secured with Let's Encrypt certificates.
Meanwhile, most of the websites are hosted on https servers and are secured by certificates. However, this requires that the certificates in question are still valid. Websites secured with Let's Encrypt certificates will eventually get a problem with old Android devices.
The problem: Let's Encrypt root certificate expires
Five years ago, when Let's Encrypt started as a certificate service, the service received a "DST Root X3" root certificate (as a cross signature) from IdenTrust. This "DST Root X3" certificate had been around for a long time, and all major software platforms such as Windows, Firefox, MacOS, Android, iOS and a variety of Linux distributions trusted this root certificate. This cross signature from IdenTrust allowed Let's Encrypt to start issuing certificates immediately. Without IdenTrust, Let's Encrypt might never have come about, write the Let's Encrypt people here.
In the meantime, Let's Encrypt issued its own root certificate ("ISRG Root X1") and requested that the major software platforms trust it. The root certificate is now supported by the major software platforms. However, in return, the DST Root X3 root certificate that Let's Encrypt relied on will expire on September 1, 2021.
This brings some compatibility issues. All devices and all software whose certificates have not been updated since 2016 do not trust the ISRG Root X1 root certificate. This means that the devices will have problems retrieving web pages via https if they are secured with Let's Encrypt certificates.
Android before version 7.1.1 affected
Let's Encropt points out in this blog post, that all Android devices prior to version 7.1.1 are affected by this expiring root certificate. Because unfortunately Android has a long known problem with operating system updates. There are many Android devices running outdated operating system versions that have never been updated. The causes are complex and difficult to fix: For each phone, the Android core operating system is usually modified by both the manufacturer and a mobile operator before an end user receives it. If there is an update for Android, both the manufacturer and the mobile operator must incorporate these changes into their customized version before it is shipped. Often the manufacturers decide that it is not worth the effort. The result: Many users have Android devices that have been outdated for years and are no longer updated.
Currently, 66.2% of Android devices run version 7.1 or higher. But the remaining 33.8% of Android devices have an older version installed. These devices will eventually display certificate errors when users visit websites that have a Let's Encrypt certificate. In communications with major integrators, the people at Let's Encrypt have found that this accounts for about 1-5% of traffic on their sites.
Certificate issuance will change from January 2021
As of January 11, 2021, Let's Encrypt will change its API so that ACME clients, when they request a new Let's Encrypt certificate for a web page, it is based on SRG Root X1 by default. The older DST Root X3 root certificate is then no longer used to sign certificates for web pages. Such websites can no longer be accessed with older Android devices.
However, it will be possible for website operators to use an alternative certificate chain for the same certificate, based on the DST Root X3 and offering broader compatibility. This will be implemented via the ACME "alternative" link relation. This is supported by Certbot version 1.6.0 and higher. If you are using a different ACME client, please check the documentation of your client to see if the "alternative" link relation is supported. Details can be read in this blog post.
Cookies helps to fund this blog: Cookie settings