I have a DigitalOcean hosted server using a Let’s Encrypt certificate for my game server connection.
On some older android devices I am getting certificate validation errors, because, I think, the Let’s Encrypt root certificate is too recent.
[Edit: I can confirm that the ISRG Root X1 certificate is not present on my test device, a Samsung S5]
If I use an unencrypted (http) connection to the server then it all works fine, but Google Play won’t accept my app unless I declare that the data is unencrypted and I assume this will flag a privacy risk in the store listing (quite rightly).
Is there a way to provide custom validation in my Unity app by, perhaps, hardcoding the public key of my certificate? I did find an older post with some example code, but appears to be incompatible with the latest Unity SDK.
What is best practise in this case? I would like to support older devices if possible.
Thanks.