Log In
Register
Home
Topic RSS
Facebook
Twitter
Email this8:25 am
September 11, 2013
Offline
About a month ago when I access this site, on an older tablet I sometimes use, a warning page started coming up saying my connection is not private and I can't access, happens every time now. All the other websites I access on that tablet work just fine as they always have, just this one is inaccessible now. No big deal, just info for this site's administrator.
10:08 am
May 15, 2007
Offline
Is the problem still happening? I'm using a different certificate provider now, which might make a difference.
12:18 pm
August 4, 2010
Offline
The current site certificate looks like it was just issued yesterday (June 15) for a year, it comes from Amazon and the Amazon intermediate certificate ("Amazon RSA 2048 M03") was only created in August 2022, although the Amazon root certificate ("Amazon Root CA 1") dates back to 2015.
What brand of tablet, and what OS and version, were involved? Browsers will have a trusted set of certificates that they either provide or obtain from the OS, and if they don't have something that trusts the issuer of a site's certificate, it will give that warning. And if the tablet is old enough not to be getting any sort of software updates, it may not be getting newer root certificates to trust and might throw this message. That Amazon 2015 root certificate should be in even fairly old tablets, though.
Peter, who was issuing your site certificate before you switched to Amazon? If the error isn't happening anymore, it may have been that provider that was issuing off something that wasn't in the tablet's trusted certificate bundle.
5:24 pm
September 11, 2013
Offline
I just tried it, Peter, and it worked fine, twice, this time. I'll let you know if that changes in the next few days. Thank you.
It's a Samsung Tab A (2016), SM-T280, Android 5.1.1, last security level around 2017, later updates haven't worked I guess, I wouldn't know how to find OS, sorry. I just use it for a few minutes bedtime reading, nothing else, so don't care about security, etc.
5:38 pm
August 4, 2010
Offline
Yikes, Android 5 "Lollipop" was the 2014 release, and 5.1.1 seems to be from 2016. Android tablets were notoriously poorly supported, but that's really sad. If the browser app was being updated after that, you may get some newer certificates or security patches that way.
I think they've been trying harder again on Android tablets, but I'm pretty sure Apple still has well over half the tablet market.
6:07 am
May 15, 2007
Offline
NorthernRaven said
Peter, who was issuing your site certificate before you switched to Amazon? If the error isn't happening anymore, it may have been that provider that was issuing off something that wasn't in the tablet's trusted certificate bundle.
It was Let's Encrypt before. I was willing to accept that older device compatibility was going to drop off: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/. However, the switch to Amazon makes certificate management easier, with some other compatibility benefits, at least for the time being!
7:07 am
August 4, 2010
Offline
Ah yes, Let's Encrypt - we use that at work for a public server I write an app for, although I managed to pass off the certificate renewal worries to our IT folks. I remember seeing something about their expiring cross-cert signing thing awhile back.
Bill, as mentioned in Peter's link, if you are able to get the Firefox Mobile app on your tablet, it apparently does its own trusted certificate management, so if you run into other browsing sites with the same problem using Chrome or whatever you do, Firefox may have newer trust for them and not put up the warning.
7:19 am
September 11, 2013
Offline
Thanks, NorthernRaven, I'll try Firefox if the problem keeps up but it all seems to be fine now. This was the only site I was having the problem with.
7:28 am
August 4, 2010
Offline
You may start coming across more - Let's Encrypt provides free certificates that a lot of smaller sites use instead of having to pay for a commercial certificate. Let's Encrypt certificates are only valid for 90 days, so as those get renewed they'll be based off LE's own certificate that the old Android versions don't know about. Sounds like Firefox keeps its own trust bundle, and the app may still be updating that even if Android has long since stopped updating its own bundle that Chrome would probably be relying on.
Please write your comments in the forum.