https://community.extremenetworks.com/t5/hero-discussions/android-11-update-server-certificate-validation-error-and/m-p/40354#M11 <P>Hi fellow Hero's</P><P>With the new Android 11 update being pushed out now.</P><P><EM>"In December 2020, the planned Android 11 QPR1 security update will disable the ability to select “<STRONG>Do not validate</STRONG>” for the&nbsp;<STRONG>“CA Certificate</STRONG>” dropdown in network settings for a given SSID"</EM></P><P><EM>While the change itself is a minor one,<STRONG> it will have a disproportionately far-reaching impact</STRONG>. Many organizations use this setting to avoid implementing proper EAP server certificate validation due to the perceived difficulty of configuring x.509 digital certificate authentication.</EM></P><P><EM>Come December, Androids configured with this workaround will find their Wi-Fi services interrupted. Organizations need to address this issue now to prevent chaos as updates gradually roll out to Android devices throughout the month.</EM></P><P><EM>Managed devices are easy to configure and enroll, but most Android devices on a network are (understandably) BYOD. That means that, at some point in the process of configuration, the end user has to be involved. There are a myriad of different types of Androids and, despite their common operating system, they rarely all follow the same configuration blueprint. "</EM></P><P>&nbsp;</P><P>Some other Vendors allows for installation of a Certificate to Android devices using their NAC solutions.&nbsp;Will Extreme have a solution for this or is it&nbsp;something that we would need to look at some 3rd party?</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P> Tue, 08 Dec 2020 17:21:00 GMT Andre_Brits_Kan 2020-12-08T17:21:00Z https://community.extremenetworks.com/t5/hero-discussions/android-11-update-server-certificate-validation-error-and/m-p/40354#M11 <P>Hi fellow Hero's</P><P>With the new Android 11 update being pushed out now.</P><P><EM>"In December 2020, the planned Android 11 QPR1 security update will disable the ability to select “<STRONG>Do not validate</STRONG>” for the&nbsp;<STRONG>“CA Certificate</STRONG>” dropdown in network settings for a given SSID"</EM></P><P><EM>While the change itself is a minor one,<STRONG> it will have a disproportionately far-reaching impact</STRONG>. Many organizations use this setting to avoid implementing proper EAP server certificate validation due to the perceived difficulty of configuring x.509 digital certificate authentication.</EM></P><P><EM>Come December, Androids configured with this workaround will find their Wi-Fi services interrupted. Organizations need to address this issue now to prevent chaos as updates gradually roll out to Android devices throughout the month.</EM></P><P><EM>Managed devices are easy to configure and enroll, but most Android devices on a network are (understandably) BYOD. That means that, at some point in the process of configuration, the end user has to be involved. There are a myriad of different types of Androids and, despite their common operating system, they rarely all follow the same configuration blueprint. "</EM></P><P>&nbsp;</P><P>Some other Vendors allows for installation of a Certificate to Android devices using their NAC solutions.&nbsp;Will Extreme have a solution for this or is it&nbsp;something that we would need to look at some 3rd party?</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P> Tue, 08 Dec 2020 17:21:00 GMT https://community.extremenetworks.com/t5/hero-discussions/android-11-update-server-certificate-validation-error-and/m-p/40354#M11 Andre_Brits_Kan 2020-12-08T17:21:00Z