How to Install the ISRG Root X1 Certificate on Android

Knowledge Solutions
, , , ,
1

Problem statement

This article explains how to find out if an Android <7.1.1 device will be impacted by the Let’s Encrypt Certificate Chain Shortening and how to mitigate this without upgrading by installing the ISRG Root X1 Certificate.

Solution

If using Android 7.0 or earlier, it may be necessary to install the ISRG Root X1 certificate to ensure users can log in to applications and websites via Auth0.

Identify whether your device is missing the ISRG Root X1 certificate

Open Chrome and attempt to navigate to https://valid-isrgrootx1.letsencrypt.org/

Screenshot 2024-02-14 at 7.10.59 PM.png
Screenshot 2024-02-14 at 7.10.59 PM.png746×1652 61.9 KB
Screenshot 2024-02-15 at 8.19.49 AM.png
Screenshot 2024-02-15 at 8.19.49 AM.png740×1654 160 KB
Your device is missing the ISRG Root X1 certificate. Follow the instructions below to download/install it. Your device has the ISRG Root X1 certificate. No further configuration is necessary.

Download and install the ISRG Root X1 certificate

  1. Open Chrome on the device and download the ISRG Root X1 certificate from this URL: https://letsencrypt.org/certs/isrgrootx1.pem
  2. Navigate to Settings (device) > Security > Install from SD card and install the certificate. Under Credential use, select VPN and apps

|

image
image740×1652 96.5 KB
|
image
image738×1654 25.8 KB
|
image
image738×1650 83.5 KB
|