Lockbits 10 Posted October 28, 2020 Share Posted October 28, 2020 Hello guys, We have a customer with the following issue. There're two Android devices that were updated to EESA version 2.9.4.0 and these two devices are reporting the following alert to ESMC: I realized that version 2.9.4.0 has the following change: Improved: Certificate security - insecure certificate warning during enrollment + certificate hostname verification (a warning displayed during update or enrollment) How can we fix this certificate issue? The MDM was installed using the standard procedure. Thanks. Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,081 Posted October 29, 2020 ESET Moderators Share Posted October 29, 2020 Hello, the certificate requirements are listed at https://help.eset.com/esmc_install/72/en-US/certificate_mdm_https_requirements.html I would start with checking if it the one used meets those... Peter Link to comment Share on other sites More sharing options...
Lockbits 10 Posted October 29, 2020 Author Share Posted October 29, 2020 4 hours ago, Peter Randziak said: Hello, the certificate requirements are listed at https://help.eset.com/esmc_install/72/en-US/certificate_mdm_https_requirements.html I would start with checking if it the one used meets those... Peter Hi Peter, In case we need to modify or change the certificate, it's necessary to enroll all devices again? Or the certificate can be changed without affecting connection to current smartphones? Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,081 Posted October 30, 2020 ESET Moderators Share Posted October 30, 2020 Hello, the certificate replacement process is described at https://help.eset.com/esmc_admin/72/en-US/certificate_replacement.html Peter Link to comment Share on other sites More sharing options...
ESET Staff Mirek S. 18 Posted November 1, 2020 ESET Staff Share Posted November 1, 2020 (edited) Hello, Android team is currently investigating this issue with self-signed certificates. If You use self-signed certificates (ESMC generated) please fill ticket with customer care so there is more data regarding this (we will need logs from phone and mdm certificate to speed up the process). Sorry for inconvenience, M. Edited November 1, 2020 by Mirek S. Lockbits and Peter Randziak 2 Link to comment Share on other sites More sharing options...
Lockbits 10 Posted November 2, 2020 Author Share Posted November 2, 2020 20 hours ago, Mirek S. said: Hello, Android team is currently investigating this issue with self-signed certificates. If You use self-signed certificates (ESMC generated) please fill ticket with customer care so there is more data regarding this (we will need logs from phone and mdm certificate to speed up the process). Sorry for inconvenience, M. Hi Mirek, I sent you a private message. Thank you. Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,081 Posted November 5, 2020 ESET Moderators Share Posted November 5, 2020 Hello guys, We have probably identified the cause of the issue. It seems that it happens after the device was unable to connect to MDM due to connectivity issues. Fix should be included in upcoming versions. Peter (P_EES2A-3585) Link to comment Share on other sites More sharing options...
Recommended Posts