Jump to content

MDM and weak certificate

Lockbits
 Share

Recommended Posts

Lockbits

Lockbits 10

Posted
Posted

Hello guys,

We have a customer with the following issue. There're two Android devices that were updated to EESA version 2.9.4.0 and these two devices are reporting the following alert to ESMC:

image.png.6cba38a651802d6ea6e56c6e60e162c9.png

I realized that version 2.9.4.0 has the following change:

Improved: Certificate security - insecure certificate warning during enrollment + certificate hostname verification (a warning displayed during update or enrollment)

How can we fix this certificate issue? The MDM was installed using the standard procedure. 

Thanks.

Link to comment
Share on other sites
Lockbits

Lockbits 10

Posted
  • Author
Posted
4 hours ago, Peter Randziak said:

Hello,

the certificate requirements are listed at https://help.eset.com/esmc_install/72/en-US/certificate_mdm_https_requirements.html I would start with checking if it the one used meets those...

Peter

Hi Peter,

In case we need to modify or change the certificate, it's necessary to enroll all devices again? Or the certificate can be changed without affecting connection to current smartphones?

Link to comment
Share on other sites
  • ESET Staff
Mirek S.

Mirek S. 18

Posted
  • ESET Staff
Posted (edited)

Hello,

Android team is currently investigating this issue with self-signed certificates. If You use self-signed certificates (ESMC generated) please fill ticket with customer care so there is more data regarding this (we will need logs from phone and mdm certificate to speed up the process).

Sorry for inconvenience,

M.

Edited by Mirek S.
Link to comment
Share on other sites
Lockbits

Lockbits 10

Posted
  • Author
Posted
20 hours ago, Mirek S. said:

Hello,

Android team is currently investigating this issue with self-signed certificates. If You use self-signed certificates (ESMC generated) please fill ticket with customer care so there is more data regarding this (we will need logs from phone and mdm certificate to speed up the process).

Sorry for inconvenience,

M.

Hi Mirek,

I sent you a private message.

Thank you.

Link to comment
Share on other sites
  • ESET Moderators
Peter Randziak

Peter Randziak 1,130

Posted
  • ESET Moderators
Posted

Hello guys,

We have probably identified the cause of the issue.

It seems that it happens after the device was unable to connect to MDM due to connectivity issues.

Fix should be included in upcoming versions.

Peter

(P_EES2A-3585)

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...