[maeln]

As I remember, a lot of company didn't want to move to LE because their root certificate was not present in a lot of devices and those devices cannot or will not be patched to include it. Due to this, if you were, for example, on a old Android phone, pages with a LE cert would show as being insecure.

[tialaramex]

That's a pretty old/ crappy Android phone though, either Froyo (or older) or a Gingerbread without patches.

There are other examples, the Nintendo Wii U, Internet Explorer on old enough XP (but really old XP can't grok modern TLS anyway and so you're screwed) but we're quickly talking about the minority of a minority.

I'm sure the perception was there though.

[Zarel]

Wow, the Wii U is one? No wonder I had a bunch of Wii U users reporting my site stopped working when I started forcing HTTPS.

"Minority of a minority", maybe, but I still got around five tweets about it when it happened; more than most other changes I make.

[tialaramex]

Just to be clear, you're serious right? Because yes, the Wii U has a browser, it hasn't been updated (because the Wii U is basically abandoned at this point) and it never did trust DST Root CA X3, which is the root via which trust to Let's Encrypt was bootstrapped in older browsers. Don't happen to have links for any of those tweets do you? I'd be happy to have an actual example of a user who ran into this for real (nobody can fix it, but it's good to be reminded they exist)

[Zarel]

Yes, I'm serious, but it looks like I misremembered, because it took me forever to dig up the post (it turned out not to be on Twitter).

https://www.reddit.com/r/pokemonshowdown/comments/7eix1o/pok...

The problem wasn't just because of the HTTPS cert, but also because it didn't support WebSocket on port 8000.