We are trying to emulate the same fix in the broker where we :
Clear the current RSA key
re-generate the RSA key
for the error com.nimbusds.jose.JOSEException: Invalid private RSA key: Keystore operation failed
WHY?
The recent Samsung updates for S21 seem to be corrupting the RSA key in the Keystore and we do not have a recovery path to generate a new one. I am scoping this change only to the cases where we see internal Keystore code: -33.
Testing?
Tested by forcefully clearing the current key, expiring the token and then making sure the token is returned using the newly generated key.
Fix for the ICM: https://portal.microsofticm.com/imp/v3/incidents/details/427505121/home?fullScreen=incident-description
WHAT? The error Invalid private RSA is prevalent on Samsung S21 devices Android 13 asper the telemetry and as per the Microsoft Defender team.
MAM team faced the same issue and have opened a ticket on Samsung. MAM fix: https://msazure.visualstudio.com/Intune/_git/xplat-Android-MDM/commit/221c0ff82504386e283c3e6164b2e142c6c9e436?refName=refs/heads/rygo/keystore
We are trying to emulate the same fix in the broker where we :
for the error com.nimbusds.jose.JOSEException: Invalid private RSA key: Keystore operation failed
WHY? The recent Samsung updates for S21 seem to be corrupting the RSA key in the Keystore and we do not have a recovery path to generate a new one. I am scoping this change only to the cases where we see internal Keystore code: -33.
Testing? Tested by forcefully clearing the current key, expiring the token and then making sure the token is returned using the newly generated key.