Not a bug: PP renewed certificates without SANs?


Freshly Joined Member
My phone can no longer connect to the VPN. I don't use this device often (I think I haven't used it this year until now), and I have always on VPN enabled, this means I cannot update the application without having an active connection first.

When I check the logs after failed connectivity for any location, I get the following:

"received end entity cert, C=.. O=..,"
certificate valid until august
"subject certificate invalid, no trusted RSA pub key found for"

It's very likely that you have renewed these certificates recently this year without keeping the Subject Alternative Name fields.
I see you rotate them every 3 months, so the issue may even be older than 3 months, since I couldn't find a location with an older certificate, that would maybe be accepted by my device.

I'm using a One Plus 7 Pro with Oxygen OS, so this is concerning the Android application.