CERTIFICATES - CHANGE FOR OLDER BROWSERS/DEVICES.

Scheyern/Germany, 2021-05-15.

On September 30 2021, there will be a change in how older browsers and devices trust web/https certificates. If you run a typical website, you won't notice any difference. However, if you are run other services such as an API or connections to (IoT) devices, you may need to make settings.

The primary certificates are built on top of the root certificate ISRG Root X1, so they are trusted by different devices. There is also a dependency on an older root certificate DST Root CA X3, which will end on September 30, 2021. The new root certificate is sometimes not recognized by older devices and systems or is not displayed as trustworthy because they no longer receive the latest security updates from the manufacturers. (See the list with details below).

What do I have to do now?
In most cases: nothing at all. Our systems are updated automatically, as well as the current end devices (laptop, smartphone, browser…) trust the root certificate already in use now without any problems.
If you provide an API or have to support (IoT) devices, you’ll need to make sure of two things: (1) all clients of your API must trust ISRG Root X1 (not just DST Root CA X3), and (2) if clients of your API are using OpenSSL, they must use version 1.1.0 or later. In OpenSSL 1.0.x, a quirk in certificate verification means that even clients that trust ISRG Root X1 will fail when presented with the Android-compatible certificate chain we are recommending by default.

ISRG Root X1 (RSA 4096, O = Internet Security Research Group, CN = ISRG Root X1)

Known supported systems

  • Windows >= XP SP3
  • macOS >= 10.12.1
  • iOS >= 10
  • Android >= 7.1.1
  • Mozilla Firefox >= 50.0
  • Ubuntu >= 16.04
  • Debian >= jessie / 8
  • Java 8 >= 8u141
  • Java 7 >= 7u151

Browsers (Chrome, Safari, Edge, Opera) generally trust the same root certificates as the operating system they are running on. Firefox is the exception: it has its own root store.

Known Incompatible

  • Blackberry < v10.3.3
  • Android < v2.3.6
  • Nintendo 3DS
  • Windows XP prior to SP3
  • Java 7 < 7u111
  • Java 8 < 8u101
  • Windows Live Mail (2012 mail client, not webmail)
  • PS3 game console
  • PS4 game console with firmware < 5.00

This change is publishes as #M15052021179 on our websites https://25space.com/developer/changelog/

← Back to Newsroom

Attachements & Files
Title image (download)
Default press image (download)

Press & Media contact
You can reach out to us on any questions at [email protected]
Share this article
SHARE ARTICLE
About 25space.com
25Space.com offers businesses modern solutions in the areas of web hosting, domains, email, web development, and cloud services. The company focuses on providing a reliable, practical, and user-friendly IT infrastructure for everyday digital work. In addition to traditional hosting services, 25Space.com also develops custom web projects and complements its offerings with select services for management, monitoring, and productivity. In this way, the company creates a technical foundation that combines stability, flexibility, and personalized support.

Forward-looking statements/disclaimer
This press release may contain forward-looking statements based on current assumptions, expectations and forecasts made by 25Space.com management. Such statements relate in particular to future business developments, product plans, service availability, operational performance and market expectations. Forward-looking statements are subject to known and unknown risks, uncertainties and other factors that may cause actual results, performance or developments to differ materially from those expressed or implied in such statements. These factors may include, among other things, changes in customer demand, technical or operational disruptions, regulatory developments, third-party dependencies and general market conditions. These statements speak only as of the date of this press release. Unless required by law, 25Space.com assumes no obligation to update or revise any forward-looking statements.