Unable to sign in to or sync Samsung Email app
Last updated August 31st, 2023
Categories:
Environment
- Knox Platform for Enterprise
- EMMs
- Samsung Email 6.1.82.0 connected to Microsoft Exchange Server configured for Exchange ActiveSync
Overview
After updating the Samsung Email app to version 6.1.82.0, and your enterprise uses Microsoft Exchange Server and the Exchange ActiveSync protocol, you might encounter an error where you are unable to sign in to or sync your email account.
Cause
For Samsung Email 6.1.82.0 or higher, a security patch has been applied to check for a match between the mail server’s fully qualified domain name (FQDN) and the Subject Alternative Name (SAN) in the certificate. Following CWE-297, the mail server’s FQDN should be present in the SAN.
If there is a mismatch between the mail server’s FQDN and SAN, the following email log is generated on the device. In the following example, the example FQDN host3.example.com doesn’t match any of the entries in SAN.
ASHTTPRedirectHandler com.samsung.android.email.provider D executePostWithTimeout(): IOException javax.net.ssl.SSLPeerUnverifiedException: Hostname host3.example.com not verified:
certificate: xxx/xxx=
DN: CN=
subjectAltNames: [host1.example.com, host2.example.com]
Resolution
There are several methods that your enterprise can employ to resolve this issue:
- Modify the SAN in your enterprise’s certificate to include the FQDN.
- Modify the Exchange server name setting in your managed configuration for Samsung Email.
On this page
Is this page helpful?