Right now, Let’s Encrypt is one of the larger online authorities that issues security certificates through a group called IdenTrust. The organization’s partnership with IdenTrust will expire on September 1, 2021, and Android Police reports that there are currently no plans for a new partnership.
In the early days of Let’s Encrypt, the group applied for a separate root certificate for all browsers and operating systems: ISRG Root X1. However, software that hasn’t been updated since 2016 doesn’t trust this certificate, and things will change even more over the next year.
Then all browsers and operating systems without the original Let’s Encrypt root certificate will no longer work with websites that use the original certificates, including devices running Android 7.1 or lower.
The agreement is not scheduled to end before September, but Let’s Encrypt is not expected to sign any new certificates until January 11, 2011. While sites will still have options to cross-sign certificates through September, the default will be lifted.
Affected devices may be able to install Firefox as their browser to work around the problem that contains the ISRG Root X1 certificate. This is not a safe bet and problems will likely still arise if websites don’t load properly. Even so, it can act as a holdover until a solution is found.
