Negligible amount of clients in android/ios devices getting SSL error

Started by networkloser, December 05, 2023, 05:46:44 AM

Previous topic - Next topic

networkloser

I've read these stuffs:
We've tried mobile data and different ISPs and the problem seems to persist.


https://maulwuff.de/research/ssl-debugging.html



https://serverfault.com/questions/872424/why-are-some-people-getting-a-connection-not-secure-page-when-accessing-my-serve

Would ssl pinning fix this issue of very few clients getting ssl error?

https://developers.wultra.com/components/ssl-pinning-android/1.3.x/documentation/

There is an option to install CA cert on android, but is it worth the hassle or is there something simpler and efficient?

deanwebb

Is the SSL error with an internal-facing webpage or an externally-facing one?

If the cert for the webpage depends upon reaching a particular CA server, then if a path between the CA server and the endpoint does not exist, the SSL operation will fail. If the cert for the webpage is from an internal CA server, then the root cert must be installed on the endpoint. If the cert is from a third-party commercial entity, then it is likely that the root cert is already installed on the endpoint, but if damaged will require re-installation.

What's the exact issue and errors observed?
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.