Table of Contents
via Orlan Jesikello
you own Smartphone, computer or video game console ? Be careful, you may soon encounter some kind of Giant internet blackout for your devices.
Here’s what Scott Helmy, a cybersecurity researcher, says at A Blog post Posted on September 20th. according to him, From 30 September 2021, from Millions Devices may display with errors when visiting websites. In the question, the digital security certificate has expired: “Identrust DST Root CA X3”.
What is a security certificate?
“Identrust DST Root CA X3” is an electronic document that allows website authentication. More specifically, as an Internet user, when you launch your browser, this certificate is used Check the reliability of the site you want to refer to.
The data is encrypted and the content of your emails is protected by a encryption With public and private keys. The first can be shared with everyone. “Anyone with access to your public key can use it to send you encrypted data. Only you will be able to decrypt it because you have the private key,” he explains Actuary Corinne Hénin, a cybersecurity expert.
For its part, your browser is responsible for retrieving the security certificate of the site you wish to refer to “and using its certificate store to verify that the latter is trustworthy,” the specialist adds. If the connection is not considered trustworthyYou will definitely receive this type of message:
Please note that you are accessing a website for which we were unable to verify the certificate. do you want to continue?
What is really happening on Thursday 30th September?
As of that date, “IdenTrust DST Root CA X3” will expire. However, this certification plays the role reliable authority For most websites signed by let’s encrypt. The latter is a CA launched in 2015 that has made web encryption very widely available, finding HTTPS connections in particular.
“You want to create a site and you want to get a certificate, you can go through this organization that will themselves sign the certificate for your site,” Corinne Hénin continues. Kind of ‘buffer Official Allow, when someone connects to your site not to receive an error message.
Except when that certificate expires, things change. Other certificates will no longer have a trusted authority To check the reliability of your connection.
Your browser will start complaining to tell you that the connection is not secure, this site is not trusted.
What devices are affected?
By itself, expiration It only affects older models Smartphones, computers or even game consoles whose manufacturers no longer provide updates. In fact, Let’s Encrypt has issued a new “ISRG Root X1” certificate that only works on newer devices.
on his site, let’s encrypt And thus issued a List You are likely to be affected by this issue (as well as previous versions). that it :
- Windows XP Service Pack 3
- OpenSSL 1.0.2
- macOS 10.12.1
- iOS 10
- Android 7.1.1
- Mozilla Firefox 50
- Ubuntu OS 16.04.0
- Debian 8
- Amazon FireOS (Navigational Silk Browser)
- Java 8 8u141
- Java 7 7u151
- NSS 3.26.1 Update
How can I access the Internet with my old device?
Don’t panic if you are directly affected by Identrust certificate expiration: after September 30th you will still be able to surf the web by installing Firefox browser.
Another good news, Corinne Hanin concludes, you’ll get some rest Until 2024 if you’re browsing on Android. “There was an agreement between IdenTrust and Let’s encrypt that Identrust, whose certificate will expire, would re-create new intermediate certificates until 2024.” Since Android cell phones don’t check root expiration date, you won’t a priori It has not been banned as of September 30th.
Was this article helpful to you? Know that you can follow Actu in space news . With one click, after registration, you will find all the news of your favorite cities and brands.