Overview
This article explains how to find out if Android devices using versions earlier than 7.1.1 that may be impacted by the Let’s Encrypt Certificate Chain Shortening . It details how to install the ISRG Root X1 Certificate to mitigate this impact without needing an operating system upgrade.
Applies To
- Android Certificates
Solution
If using Android 7.0 or earlier, it may be necessary to install the ISRG Root X1 certificate to ensure users can log in to applications and websites via Auth0.
To identify whether your device is missing the ISRG Root X1 certificate
- Open the Chrome browser on the Android device.
- Navigate to https://valid-isrgrootx1.letsencrypt.org/
- If the ISRG Root X1 certificate is missing, the response as per below image_a is observed.
- If the ISRG Root X1 certificate is present on the device, the response as per below image_b is observed. No further action is required.
image_a: certificate is missing
image_b: certificate is present
Follow the steps below to download and install the ISRG Root X1 certificate:
- Open the Chrome browser on the device.
- Download the ISRG Root X1 certificate file from https://letsencrypt.org/certs/isrgrootx1.pem.
- Navigate to Settings (device) > Security > Install from SD card
- Note: This path may vary slightly depending on the Android version and manufacturer.
- Select the downloaded certificate file (isrgrootx1.pem).
- Follow the prompts to install the certificate.
- If prompted for Credential use, select VPN and apps.
