Summary
Cloudflare is a provider used by Emarsys for content delivery network services.
Let’s Encrypt is a non-profit certificate authority that provides TLS encryption certificates at no charge and is commonly used by Emarsys clients in their Image and Link domains.
The certificate chain of Let’s Encrypt cross-signed with IdenTrust expires on September 30, 2024. Cloudflare stopped issuing such certificate chains on May 15, 2024 and use its own ISRG Root X1 chain from then onwards. This change affects legacy devices and systems that rely exclusively on the cross-signed chain including Android devices version 7.1.1 or older.
How to identify if I am affected?
If you are using your own SSL certificates, this update will not be relevant for you and you should check with your provider in case you want to understand the compatibility of certificate chains with older devices and systems.
When clients access domains secured by Let’s Encrypt certificates from older and unsupported devices, they may encounter TLS errors or warnings (i.e. difficulties to load images from those devices).
This change will affect older platforms that are no longer supported, such as older Android versions. Based on Cloudflare’s estimation, 2.96% of all HTTPS requests come from devices possibly affected by this change. At Emarsys, we estimate that this will impact less than 0.07% of the total traffic.
What can I do?
For more information, refer to the Cloudflare documentation.
As an alternative solution, you can choose to use your own SSL certificates issued by your preferred authority.