SSL on older versions of Android


#1

We have just started getting complaints this week from people using older versions of Android (4.4 and older) when trying to access our website ( https://www.castanet.net ) or use our app.

Here are some screen captures from someone who is using Android 4.1.2:
Screenshot_2019-01-22-19-10-41 Screenshot_2019-01-22-19-10-55

Any idea how we can solve this issue? None of our Crypto settings here on Cloudflare have been changed recently and our webservers haven’t been touched recently either.


#2

It’s a new certificate, as of January 18th.

I can’t do much testing because I don’t allow TLS 1.0 on my domains, but it looks like an issue with the RSA2048 certificate.
https://www.ssllabs.com/ssltest/analyze.html?d=castanet.net&s=104.25.145.19&latest

Maybe Support can explain what’s changed. You could try a Dedicated Certificate ($5/month) and if that doesn’t work, you can cancel that certificate and stick with the free Universal on you currently have.

Login to Cloudflare and then contact Cloudflare Support


#3

The error message would hint at Android not recognising Comodo as acceptable certificate authority. Cant tell if that might be an inaccurate error message and the actual reason is the type of certificate though.

I ran a quick test with a 4.1.2 instance and could reproduce the error on the domain in question, however not on others which seemingly use the same certificate type.

@Castanet, I’d second sdayman’s suggestion to contact support -> https://support.cloudflare.com/requests/new


#4

We had same SSL issues… Dedicated Certificate ($5/month) helped…


closed #5

This topic was automatically closed after 30 days. New replies are no longer allowed.