by randombit 2614 days ago
Tried the test site on a Nexus 7 running Android 6.0.1; Firefox was ok (seems it ships with its own list of roots), but latest Chrome rejected it.

My wife runs a blog which generates substantial income and uses certs from Let's Encrypt. It's a non-tech blog with primarily US readership. Checking stats for this month, 7% of all visitors were using Android 4/5/6 (20% of all Android users). The percentage of users on old Android running Firefox was basically nil. Losing all these users would be very costly.

Hopefully certbot will be modified so it is possible to pick the current intermediate during automatic renewal. If I have to do a manual operation to switch intermediates each time the cert renews (currently done by cronjob) then it is probably safer (operationally speaking) to just buy a cert.

I don't really understand why Let's Encrypt is making this change now. Sure, the current root is expiring "soon", but not until September 2021. Switching roots could be safely pushed off to early 2021 at which point hopefully most of these older Androids would be cycled out.

1 comments

> a blog which generates substantial income

An SSL cert can be purchased for as low as $6 a year; if this is important to you, try buying one of those.

Isn't that what I said?

Edit: fortunately it looks like certbot plans to support using the old intermediate https://github.com/certbot/certbot/issues/6971 so this should not prove necessary.