No Matches Found!
Try with a different search term
No Matches Found!
Try with a different search term
There's a new home for Articles. Find Articles on Our Product Support Page.
Hello everybody, I have the following problem with my WIN CE 6.0 devices: we have a new server (windows 2012R2) with SOTI MobiControll V.14.3.3.1111 installed. It is an internal server in the closed network. Android, Win10 IoT and WinCE 6.5 are all connected and work wonderfully. The WinCE6.0 devices connect and after a few minutes they disconnect and stay disconnected until they are rebooted. in the logfile comes the following message: (0x00001090) [INFO ] [ 27] PulseChecker enter: Send: False, Check: True, Memory: 167939184, ThreadPool: 32767, 999, Queue: 0, Workers: 8 (0x00001090) [INFO ] [ 27] PulseChecker exit: Total: 22, Connected: 22, Busy: 0, Dropped: 0, Retried: 0, finished in 0 ms (0x000003e4) [INFO ] <165> Comm.Client.166171: Accepted a new connection from [::ffff:192.xxx.xxx.121]:49161. (0x000003e4) [INFO ] <165> Comm.Client.166172: Accepted a new connection from [::ffff:192.xxx.xxx.212]:53569. (0x000003e4) [WARN ] <165> Comm.Client.166172: Certificate validation failed. SSL Policy Error: RemoteCertificateChainErrors. Status: PartialChain. On the old server (Win 2008R2), everything worked fine with version 13 of Soti MobiControll. Can someone tell me why this could be and what I can do about it? greetings Georg
Shortly we need to deploy new certificates to Honeywell Dolphin 99EX devices running Windows Mobile 6.5. Given the number of devices we would like to automate this by using SOTI Mobicontrol. The certificates are Windows *.pfx files. I have succeeded deploying and installing the certificates by using a profile. However the certificate only installs in the personal certificate store of the handheld device, not in the intermediate or root certificate store. Do you have any idea why? I would expect SOTI to install the whole certificate chain. Without the certificate in the intermediate and root storage the certificate will not work.
Hello,we have setup SOTI MobiControl (14.2) on-premise, for internal (LAN) use only.When accessing the webconsole, we got a 'https unsafe' indication in the browser, indicating the website could not be trusted due to its certificates.With some help of SOTI support, we were able to import/install our own generated certificate in the MC Admin utility,and this issue is now gone. However, we still get a similar notification on the mobile devices in the device agent.Our devices are enrolled as 'work managed device' into SOTI MobiControl, using the afw#mobicontrol 'google account'.The notification appears when performing the enrollment, immediately after entering the enrollment URL in the MC app.How can we get rid of this?br, Steven
I have received documentation in the past that was a patchwork of links to different locations and I'm hoping there is something better out there. I have two servers I'm maintaining with third-party SSL certs and I feel like I'm walking on very thin ice every time I touch this area.
Hi, One of my customers is interested in getting more details into the certificates that SOTI mobicontrol uses. I took a look into the utility dashboard and there are all my certificates. When looking into those, I noticed that most of the certificate are sha-1 encrypted. I am on SOTI 13.4. Has Soti already upgraded these certificates to sha-256 in their latest versions?
Hi Experts,I'm new to certificates thing, when setting-up an On-premise instance of Mobicontrol, do I need to provide/generate certificates other than Mobicontrol Root CA to be able to run the functionality of Mobicontrol Server? Given the client will be using a FQDN for external and internal network. What is the role of certificates and what is the best practice when implementing on-premise with certificate involved? Use Case: Android Work Managed Devices (COSU) and iOS-Supervised Mode
Hi I want to aceess a website, which ask to the browser for a certificate. For this, i want to issue a certificate for each device over our internal certificate authority. In MobiControl, if I choose "Device Certificate" in de CA Template, chrome is unable to find a certificate on the device. If i choose "User Certificate" in the CA Template, chrome is able to find the certificate. But with this option, i need to add a user to each device. The Devices are not personal, its shared between different users. Is there a way to issue a certificate with MobiControl with no assign user to the device? Or wich is the best option for this use case? We use Zebra Devices with Android 7.1.2 in Android Enterprise Mode Thank you for you information. Best regards Markus
Hi, I already have a case for this(C00275940), but just wanted to check if anyone might have a suggestion. Issue: Devices of various (7.0+) Android builds, networks (4G, Wi-Fi) and OEMs cannot enroll (times our when trying to connect to server in MC agent) after a DNS update. Everything is marked green by admin util. and already enrolled devices connect just fine. If I manually enter the enrollment page in a browser, then it is properly displayed and accessible from all devices and networks (available from on internet). The weirdest is however, that when testing alongside support, THEY where able to enroll devices to the environment. None of us have been able to explain this behaviour yet. For now we have fetched ADB-logs which is then to be submitted to development. I however just have a feeling this has to do with the DS certificate. Even though this is mapped to the correct hostname and everything is marked green (And support was able to enroll their test device.). This entry is repeated in the ADB logs during enrollment: 11-01 15:37:18.310 8859 8917 E soti : Caused by: java.security.cert.CertificateException: Certificate with Issuer: 2.5.4.46=#132433323346343431352d304146332d343139392d424430432d363433323331424246454243,CN=MobiControl Root CA and Subj: CN=MobiControl Server is not trusted Brgds, Ole
Hi, I would like to publish Our Active Directory, in the platform SOTI Mobicontrol Cloud, my goal is to prohibit the direct communication between AD and the platform MobiControl Cloud.Please send me the procedure with the steps to set up the Cloud Link Agentthank you in advance
Recently we had changed our root DMZ certificate for our Zebra/Symbol MC3190 and MC3200 devices however we are having a lot of trouble with wireless connectivity on multiple devices after it went live. After the change, we are noticing that some of our Fusion profiles are not connecting anymore even after verifying our wireless settings are correct and that the correct certificate is bound to the correct profile we want to use, not all of our production devices have experienced issues. We deleted the old root certificate as well. We can use bar-code provisioning for our MC3200 devices to install a “support” profile as well as delivering the new bar-code embedded certificate which works pretty well but doesn’t stick. What we are seeing is that the certificate delivered from the bar-codes for the 3200 handhelds is disappearing each day when the device is rebooted or has a battery swapped out. Here is the tricky part, each store has its own folder for district>region>store and each store folder has individual wireless settings. Due to this structure I was not able to use the cold boot persisting bar-codes due to the fact that it leaves copies of the said profile on the handheld (if stores use the codes more than once) and we only want the device to use the store profile we created and not the "support" profile assigned by the bar-codes. It seems that the store profile is our point of failure but I am unable to determine if this is a device issue, or a profile issue. Is it possible that the individual store profile is carrying a conflicting certificate and is somehow and overriding the new root cert that we pushed out via a blanket profile over all of production? If this is the case would it require manual removal of the root certificate from each store profile? When we rolled out the new certificate we used a profile with the new root cert attached and assigned it to our production environment in phases. We then used the reporting feature to check to ensure all of our production devices received the new profile and reported "installed". We remoted in and verified the new certificate installed on a number of device's root cert store, but we are still seeing issues after the original cert expired. Is there any way the Fusion profile could get corrupted due to the certificate update? We are looking for a way that we can potentially re-provision our devices offline as they are now disconnected and we do not use networked charging cradles that can reach the deployment server in the stores. We are fervently trying to avoid needing to physically replace these units if possible. We appreciate any help or insight you can provide. Thanks
I've combed through the documentation and google-fu'd to the best of my ability, but while there's an explicit means to "Accept Untrusted Certificates" there is no documentation (that I've found) on where to establish trust for SSL certificates for LDAP by MC.The root certificate of the CA that signed our SSL certificate for LDAP is present in the certificates store (in windows) of the machine that MC is installed on. I have also been in the MCAdmin Utility and perused the Certificates section, but none of the sub-sections there appear to have any indication that they would be related to establishing trust for LDAPS.Any assistance is appreciated.
Hi, Our exchange active sync hits our netscaler which requires a client certificate generated by our internal CA. I have tried to add the CA server within the mobicontrol console but I cannot find any good documentation to assist in setting this up. Can any one help?
Hi, Last Sunday, I upgraded MobiControl from 14.0 to 14.0.2 and it's been a nightmare since. I had no issues with 14.0, but the upgrade to 14.0.2 has been regretful. Apart from dealing with SSL certificate issues, the biggest problem is MobiControl services continuously stopping for no reason. Right now, the Management Service continuously crashes every 5 to 15 minutes or so. Event Viewer shows the following: Faulting application name: Soti.MobiControl.ManagementService.Host.exe, version: 14.0.2.264, time stamp: 0x5a20b632 Faulting module name: clr.dll, version: 4.7.2558.0, time stamp: 0x59d414b7 Exception code: 0xc00000fd Fault offset: 0x000000000001358b Faulting process id: 0x1190 Faulting application start time: 0x01d3938af831b940 Faulting application path: C:\Program Files\SOTI\MobiControl\Soti.MobiControl.ManagementService.Host.exe Faulting module path: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll Report Id: 51619607-ff7f-11e7-80ce-005056acfd5b Faulting package full name: Faulting package-relative application ID: MobiControl's Management Service log mentions the following failures: * Exception: A task was canceled. * [InternalLogicException: Failed to send HTTP request to proxy target] at Soti.MobiControl.Ngui.WebConsole.Handlers.ConsoleApiProxyHandler.d__4.MoveNext() * Exception: Cannot access a disposed object. Object name: 'System.Net.HttpListenerRequest'. * [ObjectDisposedException: Cannot access a disposed object. Object name: 'System.Net.HttpListenerRequest'.] Here's a new one I haven't seen before (yet more certificate errors): Exception: The message could not be processed. This is most likely because the action 'http://tempuri.org/ICacheProxyService/GetByKeys' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding. * I noticed this occurs when a technician loads the WebConsole on their first login/session (and then subsequently receives an HTTP 404 error). We then have to wait a few minutes for the service to restart, or restart it manually if the application crashed too many times. On average, the service crashes at least ten (10) times in an hour. I've tried upgrading the .NET Framework runtimes to 4.7.1 to no avail. I also upgraded Java to the latest 1.8u161 and saw no improvement. Searching the web for this type of error yields many results, including one about a Microsoft-supplied hotfix and another about switching .NET JIT compilation modes. Virtual machine specifications: Windows Server 2012 R2 Standard Microsoft SQL Server 2014 SP2 Express 2 vCPU cores with 8GB of memory 2-tier Enterprise PKI for certificates, trusted by all computers One thing I'd like to mention is that MobiControl's WebConsole is served via a NGINX reverse proxy with its own public SSL Certificate from Let's Encrypt (separate machine) while port 5494/5495 is NAT'ed directly to the MobiControl server. This setup worked flawlessly on 14.0. The only certificate I have overridden in MobiControl is the "Deployment Server Extensions and Web Console" while the insecure RSA1 1024-bit original MobiControl Root CA and related certificates still handle everything else. I'm more than eager to change them to our PKI certificates, however I'd like to sort out the current issues at hand first. Anyone else experiencing issues with the latest update or can provide some insight into the matter?
Top-tier experts who are delivering outstanding content. Should have more than 7000 points.
Experts who are consistent with great content. Should have more than 1000 points.
Highly experienced members with valuable inputs. Should have more than 700 points.
Beginners taking the initiative. Should have more than 500 points.
New contributors starting their journey. Should have more than 250 points.
