Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. How the Microsoft Intune root certificate change affects Android devices

How the Microsoft Intune root certificate change affects Android devices

Summary

Microsoft updated the Microsoft Intune root certificate from the GTE CyberTrust Root certificate to the Baltimore CyberTrust Root certificate. Baltimore-based certificates are not supported on Android devices of versions earlier than 2.3.4 (Gingerbread). Therefore, these devices may be unable to connect to the Microsoft Intune service. For Android devices of version 2.3.4 and later versions, there is native support in the Android operating system for Baltimore-based certificates.

Important This information is provided as general guidance. Because device compatibility for certificates may vary, we recommend that you contact your Android device manufacturer.

↑ Back to the top

More Information

On September 5, 2012, Microsoft updated its publicly trusted SSL infrastructure with a new 2,048-bit root (the Baltimore CyberTrust Root) in order to comply with the latest industry standards for minimal key strength certificates. This change means that SSL certificates that all connecting device requests after this change will be issued from the new Baltimore root. All certificates that were obtained before the change were issued from the GTE root. Certificates that were issued from the GTE root will see no immediate effect until after July 31, 2013. Currently, these certificates will no longer be valid even if their "valid to" date is after July 31, 2013.

Android added support for Baltimore CyberTrust Root certificates in version 2.3.4 of the operating system. Device versions before this update may not support the Baltimore certificate and therefore will be unable to connect to the Microsoft Intune service. We recommend that you contact your device manufacturer to determine whether Baltimore support was added to your Android device.

↑ Back to the top

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

↑ Back to the top


Applies to

This article applies to the following:
  • Microsoft Intune

↑ Back to the top

Keywords: kbexpertiseinter, kbinfo, kbsurveynew, kb

↑ Back to the top

Article Info
Article ID : 2832607
Revision : 1
Created on : 1/7/2017
Published on : 10/27/2014
Exists online : False
Views : 100