Here's what i've written to support@metabrainz.org on On Apr 1, 2017, at 16:00

Dear MetaBrainz Support,

I'm the maintainer of the open source nusic android app (listed here
https://metabrainz.org/supporters/tiers/8).
Recently, a bug has been reported that occurs when connecting to the
MusicBrainz API via HTTPS on all devices running Android < version 6. It
renders the app almost useless, as it heavily depends on MusicBrainz data.

Here's a link to the issue: https://github.com/schnatterer/nusic/issues/12

The report and my investigation show error messages such as " No peer
certificate" or "Trust anchor for certification path not found", which
show some relation to TLS Certificates.

While trying to fix the bug client side (no success, yet) I discovered
that musicbrainz.org ships two certificates, one self-signed and another
one signed by Gandhi CA.
You can see it here:
https://www.ssllabs.com/ssltest/analyze.html?d=musicbrainz.org
Or by calling
openssl s_client -tls1 -connect musicbrainz.org:443
which returns a self signed certifacte and
openssl s_client -tls1 -servername musicbrainz.org -connect
musicbrainz.org:443
which returns the officially signed certificate.

Did you change any of your certificate settings within the last months?
Could you fix this server side?
Or could you help me fix this or give me some insight why this happens?

Any help is appreciated, as a lot of users have abandoned nusic already
and probably half or the remaining ones affected by the issue.

Unfortunately (in regard to this issue) I'm about to go on holidays for
four weeks, so it might take me a bit longer to get back to you.
Thanks in advance for your support.

Kind regards,
Johannes