This Thursday expires a root certificate used by a multitude of old devices and browsers, DST Root CA X3 of Let’s Encrypt, without which they can not access the web pages that use more modern certificates.
In order to securely access a web page it is necessary not only that it uses a protocol such as HTTPS, but also having a root certificate compatible on the device and browser used to certify that the connections are safe.
The vast majority of sites accept all the root certificates present on all recent devices and browsers.
However, if the device is old and years ago that does not receive support or updates, and therefore does not receive compatibility with recent versions, the root certificate can become a problem.
This is precisely what has happened with the Root Certificate DST ROOT CA X3, of the specialized company Let’s Encrypt, which expires this Thursday, September 30, as reported by the company in a statement.
Let’s Encrypt used up to now a cross-identification system that made DST root C X3 compatible with the most recent and extended version of its root certificate, ISRG Root X1, but the expiration of the old version puts an end to this practice.
As a result, older devices – among which the company has cited iPhone 4 or HTC Dream – will not recognize Isrg Root X1 and begin to receive alerts when they try to visit web pages that use LET’s Encrypt certificates.
As an exception, Android mobile phones will continue to access due to “a special cross identification”.
The developer has ensured that most users do not have to make changes or worry, and that “a typical website” will not notice the difference, since the vast majority of visitors will continue to accept the certificate, but has requested more attention to suppliers
of API and IOT services.