I checked the DS log and found this error from the device I am testing with:

2024-02-21 13:13:13,026 (0x0001215c) [INFO ] <241> Comm.Client.968142: Accepted a new connection from [::ffff:192.168.228.63]:51925.
2024-02-21 13:13:13,058 (0x0001215c) [ERROR] <241> Comm.Client.968142: Error authenticating client [::ffff:192.168.228.63]:51925: System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: An unknown error occurred while processing the certificate
   --- End of inner exception stack trace ---
   at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Soti.Comm.Client.<OnReceived>d__37.MoveNext()

Hi 

do you have a sha1.1 & a sha2 certificate activated?

Cause with Android 10 what i remind is a SHA2 the lowest.

With Version 15.4.* is it possible to have both SHA Types on one Deployment Server.

With Android 11 is a wrong time and Date not an issue, only with the Google Store.

You can also Configure the Time settings at Group or Folder Level Down.

Hi,
Device certificates are issued when device is enrolled end then renewed when they expire. You can see device certificate under security tab on the device in WebConsole.

Some devices change time when battery is removed usually to a time when the OS were build of what i have seen. 

You should consider configure devices to sync with an NTP-server to be sure they have correct time.

Hi all,

Thank you for your answers.

I recently renewed our root certificate, it might be since then that we get this issue.
But the problem is that, an already enrolled device, loses connection and then can't reconnect as the date is too far off.
I have time sync active to our DS but when a device loses its time settings after a battery swap for example, it can't connect to the DS and therefore won't get the timesettings from the DS.

So I am kind of looking for a way to change the minimum date to connect to the server, if that is possible?

We have around 1000 active devices in kiosk mode around spread around the country, and now everytime one loses its time, it has to come in at HQ.
Which is why I would like to try and resolve this issue remotely.

Ok, it seems like the from date from the new DS certificate is 30 June 2019.

When I change the date to 29 June 2019 it won't connect, but when it's on 30 June 2019 it does connect.

Now all I need is a solution where the time settings can be changed to automatic after for example a restart.

Any idea if this is possible within android or any suggestions on 3rd party apps?

I have added an icon to the lockdown screen called "Sync Time" with a script behind it setting the autotime to the correct settings.

Once rolled out to all devices this should give us a workaround until we manage to get rid of all our old android devices.

Thanks for the help!

Hi Hubo,
 
Thanks for posting on SOTI Pulse.

Thank you, Marcus and Robert, for responding to the post, your expertise and willingness to help are greatly appreciated.

We are glad to know that your issue has been resolved. If you have any additional questions or concerns,

please don't hesitate to reach out. We're dedicated to providing assistance and support.
 
Technical Support, SOTI Inc.