Tech Community Live: Microsoft Intune
Oct 01 2024, 07:30 AM - 11:30 AM (PDT)
Microsoft Tech Community

Cert Based Auth no longer working on Android devices.

Copper Contributor

Curious as to how wide spread this is/will be. Windows and iOS is fine, only affecting android.
You can easily test this by revoking MFA sessions on a user who is using cert based auth on a android phone.

I'm not sure if there has been a update recently to Android Microsoft Office apps where it thinks the certs live inside the intune company portal and is not looking for certs in the phones cert store.

BYOD work profile Android 14 phones are being problematic, when a user changed their password and Azure revoked their sessions for a reauth, the issue started occurring.
I tested this on another user manually revoking their MFA sessions without changing their password same issue occurred. I also setup a brand new Android phone and had the same issue after enrolling it.

The issue is when the user opens outlook or teams and goes to sign in, it will pop up asking to use a cert on the device or a physical key. When selecting on the device the phone will freeze it will then eventually say ""company portal isn't responding" with the options of wait or cancel. Opening chrome in the work profile and going to a office app site will popup asking for the cert and works fine. So the issue doesn't appear to be the phone getting the cert, just the Office Apps are not accessing the Phones cert Store. I can confirm the Cert is inside the work profile as a browser or cert viewer app inside the workprofile can see it, auths work fine when using a browser in work profile, just not outlook or teams inside the work profile.

 

2 Replies

@JoshM123 
Facing a similar issue. But only in pixel devices, works fine in other androids. Not sure why but i'm unable to get the certificate prompt itself in pixel devices alone.(getting it in Office 365 apps but unable to authenticate myself )

@nithinnandha 

 

If you deploy google chrome and run it in the work profile, does you cert work fine in there?