Related Article

List of available trusted root certificates in iOS 9

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Question:

Question: Ipad 2 IOS 9.3.5 - How to add a new root certificate to the trust store? Wikipedia inaccessible.

As of October 2021 sites such as Wikipedia which use an updated Let's Encrypt SSL Certificate no longer can be accessed via Chrome or Safari browsers available for this device. The ios 9 trust store lacks the ISRG Root X1 root cert: https://letsencrypt.org/docs/certificate-compatibility/


Is there any way for users to update our device's trust store with this root certificate?


To others left without ability to use wikipedia on these devices, note that you can use Maxthon Browser v5.4.8.3 to access wikipedia and other sites using these types of ssl certs (you are prompted to "cancel" or "continue" during notification that the site's security cannot be trusted, whereas chrome and safari offer no option to continue to the site.


Thanks

Posted on Oct 4, 2021 2:22 PM

Reply
Question marked as Solved
Answer:
Answer:

There's no good way to do this, that far back.


Probably the least-bad option, which requires some work on a Mac with more recent software... Try creating a configuration profile with the LetsEncrypt root certificate and the LetsEncrypt intermediate certificate on a Mac with the Apple Configurator 2 app installed, and see if that configuration profile can then be installed on the iPad second-generation, and allow access.


Or use an alternate browser with its own certificate store.


Or replace the iPad 2 with something supported by recent or current iOS versions.

Posted on Oct 4, 2021 2:46 PM

There’s more to the conversation

Read all replies
Question marked as Solved

Oct 4, 2021 2:46 PM in response to letters9umbers In response to letters9umbers

There's no good way to do this, that far back.


Probably the least-bad option, which requires some work on a Mac with more recent software... Try creating a configuration profile with the LetsEncrypt root certificate and the LetsEncrypt intermediate certificate on a Mac with the Apple Configurator 2 app installed, and see if that configuration profile can then be installed on the iPad second-generation, and allow access.


Or use an alternate browser with its own certificate store.


Or replace the iPad 2 with something supported by recent or current iOS versions.

Oct 4, 2021 2:46 PM

Reply Helpful

Oct 6, 2021 2:28 PM in response to parapunter In response to parapunter

parapunter, thanks a ton! That worked like a charm. I had already marked the first response with "solved" yesterday before your reply, and it appears I cannot mark yours as such after that. But your suggestion absolutely worked and solved the issue.

Thanks again.

Oct 6, 2021 2:28 PM

Reply Helpful

Oct 26, 2021 2:00 PM in response to Fia-Lotta In response to Fia-Lotta

Fia-Lotta wrote:

How do i get that file into my Mac, the file is loading down, but how can i get it to the right place so it will help my computer?


This thread is about old versions of iOS for iPad and iPhone, so a different issue and different tools. For a Mac, your best option is to upgrade to Sierra or High Sierra or newer. If your Mac is permanently stuck at El Capitan, Open Keychain Access, select the System Roots keychain, and add and trust the newly-downloaded certificate. If you have access to a newer Mac (High Sierra or newer), export all of the certificates there, transfer, and import them.

Oct 26, 2021 2:00 PM

Reply Helpful

Oct 26, 2021 3:37 PM in response to Fia-Lotta In response to Fia-Lotta

Fia-Lotta wrote:

Thanks for your help, i can come to the system Roots, but after that Im bet ..... i just now try to load down Firefox, it might help!


What's the model and year of your Mac? Apple > About This Mac > (if the model and year doesn't show in that display) > select Hardware, and post the Mac Model Identifier from the Hardware Overview display. That Mac model identifier should be a string and a pair of comma-separated numbers, for instance, iMac21,1. Post that model identifier string here. With the Mac model and year, or the Mac hardware identifier, somebody here can fetch your upgrade options.


As for importing the certificate, that's akin to this:


Keychain Access > File > Import Items > select the certificate file that you've downloaded.


I don't have an El Capitan or older Mac handy to check that, though.

Oct 26, 2021 3:37 PM

Reply Helpful

Oct 26, 2021 5:17 PM in response to Fia-Lotta In response to Fia-Lotta

MacBook Air 13” mid 2011 (MacBookAir4,2) can be upgraded to High Sierra, and this certificate problem goes away.


Have a backup before the upgrade. https://support.apple.com/en-us/HT201250


Download the installer using Safari: https://apps.apple.com/us/app/macos-high-sierra/id1246284741?mt=12

Oct 26, 2021 5:17 PM

Reply Helpful
User profile for user: letters9umbers

Question: Ipad 2 IOS 9.3.5 - How to add a new root certificate to the trust store? Wikipedia inaccessible.