Release 5.2.0 - including important guidance if you support old versions of Android for your sites

V5.2.0 has now been released:

:warning: Important Update for users who need to support old versions of Android on their sites.


This version provides new support for “preferred chain”, this is important for users who still need to support older Android devices using their sites.

On January 11 2021 Let’s Encrypt will move to a new a root certificate ISRG Root X1 which is not trusted in older versions of Android. Affected users should set their preferred chain to DST Root CA X3 either at their Let’s Encrypt account level (Settings > Certificate Authorities) or on specific certificates in Certificate > Advanced > Certificate Authority.

For further info:

Alternatively switch to using an alternative Certificate Authority with an existing trusted root (e.g BuyPass Go or ZeroSSL).


  • Other enhancements in this version:

    • Added ZeroSSL as a standard Certificate Authority option. To get started with ZeroSSL go to zerossl.com and create a free account, then go to Developer > EAB Credentials for ACME Clients > Generate to get your ‘External Account Binding’ credentials. You can then add your ZeroSSL account under Settings> Certificate Authorities, New Account. See the Advanced tab to set EAB credentials.

    • New support for External Account Binding - this lets you use certificate authorities which require this feature.

    • New settings preference UI for NTP server check (time sync diagnostic).

    • External certificate managers and the PFX password option features are now enabled by default.

    • General UI updates and bug fixes