Operational Defect Database
BugZero updated this defect 52 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
VMware | 96811
[CRSVC-44714] Missing SAN in EJBCA Certificate Template Causes Profile Installation Failures
Last update date:
3/28/2024
Affected products:
Workspace ONE
Affected releases:
No affected releases provided.
Fixed releases:
No fixed releases provided.
Description:
Symptoms
Beginning with versions 23.10.0.6 and 23.6.0.23, certificate profile installation failures can occur when using EJBCA as the certificate authority, specifically when the certificate template does not have a SAN. The profile installation failures occur on newly enrolled devices receiving the profile for the first time on the affected versions, and on existing devices when the profile is repushed on the affected versions.
Impact / Risks
Devices will not receive the certificate, and as such, any authentication flows using the certificate (Wi-Fi, Email etc.) will fail.
Resolution
A fix has been identified and is available with the following Workspace ONE UEM releases:23.6.0.2323.10.0.624.2.0.0
Workaround
Update the EJBCA certificate template to include a SAN. Note that this may need configuration changes on the certificate authority as well.
