Recent certificate update and android compatibility issue

Has anyone else had an issue with Android 11 and previous versions when Auth0 certificates were recently renewed?

Hey there!

I would encourage you to raise it as a GitHub issue in our Android SDK repo so we can work on that directly with the repo maintainers. I would of course encourage you to provide more context and as many details as possible. Once you have a link to it you can share it here so we can ping the repo maintainers. Thank you!

Thank you for you advice. I will ask our developers to follow you instruction.

Perfect! Make sure to share it here once you open it

The issue encountered recently on our Andriod tablet app was in relation to a certificate handling problem. Based upon our investigation it appears that Auth0 changed certificate providers and while Auth0 provided a new valid certificate, specifically the fact the certificate contained 2 trust chains - only one of which is valid triggered an issue on Android’s handling of the certificate change. Android should ignore the invalid one and use the valid one, but in certain configurations it doesn’t do this resulting in an error until the problematic certificate is removed and on some devices the correct certificate installed.

Is this a known reported problem?