Certificate question 3

I’ve some users reporting the same issue, and I think I found the cause for this.
Recently, the Cloudflare SSL certificate was updated to a new one signed by “Google Trust Services LLC”.
This root CA was not known when older Android version such as 8 or 9 went out of support.
That’s why these old devices no longer trusts the websites with this new certificate.
Is there any way to resolve this issue?

If you mean something other than the users of obsolete software eventually recognizing that it needs to be replaced if they expect to interact with current networks and websites, not really.


That seems a bit sarcastic.
According to Google Analytics, I have more than 1000 users on Android 8 and 9, which are apparently effected by this issue.

I intended no sarcasm.

While it likely will still function, even the more recent Android 10 is out of support now. It is not feasible to expect to continue providing compatibility to older systems in perpetuity. Once a device loses security support, it has the potential to put the user and others on network at risk. For that reason, the vendor security support timelines are my preferred guidelines.

I don’t find it unreasonable to expect people to keep their devices up to date and secure. Our opinion on this topic clearly differs.


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.