Problem statement
This article explains how to find out if an Android <7.1.1 device will be impacted by the Let’s Encrypt Certificate Chain Shortening and how to mitigate this without upgrading by installing the ISRG Root X1 Certificate.
Solution
If using Android 7.0 or earlier, it may be necessary to install the ISRG Root X1 certificate to ensure users can log in to applications and websites via Auth0.
Identify whether your device is missing the ISRG Root X1 certificate
Open Chrome and attempt to navigate to https://valid-isrgrootx1.letsencrypt.org/
Your device is missing the ISRG Root X1 certificate. Follow the instructions below to download/install it. | Your device has the ISRG Root X1 certificate. No further configuration is necessary. |
Download and install the ISRG Root X1 certificate
- Open Chrome on the device and download the ISRG Root X1 certificate from this URL: https://letsencrypt.org/certs/isrgrootx1.pem
- Navigate to Settings (device) > Security > Install from SD card and install the certificate. Under Credential use, select VPN and apps
|
|||