Updated: Phones with Android versions older than 7.1.1 need up-to-date browsers beginning 1/11/21

Background

We’ve all been taught to make sure the websites we visit display a :lock: symbol in the browser bar. That symbol indicates that the website is secure, and that security is backed by a “Certificate” issued by a trusted resource called a Certificate Authority (CA).

That “trust” takes time to build. A new CA can start issuing certificates by asking an existing CA to “cross-sign” their certificate, kind of the same concept as a parent co-signing a loan as a child moves into adulthood. The CA may then operate this way for several years to earn the trust they need to operate independently.

What this means for us

The Chrome browser on Android phones with operating systems older than Android Nougat (7.1.1) relies on a list of trusted CAs that is built into the operating system. Since those operating systems are no longer being updated, these older devices cannot recognize a new certificate as trusted.

Let’s Encrypt, a popular Certificate Authority, is moving from a cross-signature certificate to their own independent certificate beginning 1/11/21. As websites whose certificates are issued by Let’s Encrypt update their certificates, the Chrome browser on these older phones will be unable to access those websites. What’s more, some apps that access the internet rely on the Chrome browser, and these apps will also be unable to use resources with a Let’s Encrypt certificate.

Update 12/21/20: Let’s Encrypt has updated their announcement to indicate that they have found a way to transition to an independent certificate that does not prevent devices with Android versions before 7.1.1 from browsing websites with Let’s Encrypt certificates. Some apps that allow in-app browsing may not be able to continue to display website content on these older phones and tablets, but using an up-to-date browser would be a simple workaround.

What you can do

Many of the phones we support have updates available for Android Nougat (7.1.1). If your phone can be updated to 7.1.1, this is the easiest way to make sure your phone can continue to view websites secured with a Let’s Encrypt certificate.

If your phone does not have an update to 7.1.1 available, be sure your default browser (Chrome, for example) is up to date in Google Play.

Steps to take

  1. See if your phone has an Android version that’s at least 7.1.1
    How to Find Which Version of Android is Running on the Phone – Republic Help

  2. If the Android version is below 7.1.1, check for an update
    How to Update the System Software on a Republic Wireless Phone – Republic Help
    Note: If no update is available from the manufacturer, Republic cannot make one available.
    Note: If you haven’t updated your phone in some time, you may have to go through this two-step update process several times to get to the latest version available.

  3. If no update is available, be sure your browser is up-to-date in Google Play.

Phones with Android versions older than Nougat (7.1.1) may still experience some issues browsing websites from within apps that are built to operate on top of the factory-installed version of Chrome. You will need to visit websites with an up-to-date version of a browser like Chrome or Firefox.

If you have questions about updating your phone or what all of this means to you, please reply below, and we will be glad to help you.

5 Likes

The above announcement has been updated based on some new information from Let’s Encrypt today (12/21/20).

Message an
Expert customer