Security is a hot topic and it's always evolving — what was okay yesterday might not be today.
When you use the xMatters mobile app on your device to authenticate to your corporate SAML identity provider (IdP), an SSL certificate is used to establish trust between the IdP server and the mobile app.
Currently, if the SSL certificate is invalid (for example, it's expired or self-signed), the mobile app prompts you but you're allowed to continue with the invalid certificate.
The xMatters mobile apps will be updated to no longer allow the use of invalid SSL certificates when authenticating with the IdP. Instead, you'll need to log in using your xMatters account, or be redirected back to the xMatters hostname screen.
Avoid User Downtime
To ensure operational continuity and avoid users not being able to use the xMatters mobile app, make sure the SSL certification configured on the IdP uses a valid certificate signed by a trusted 3rd party.
Mobile App Release Timeline
The update to the xMatters mobile app will appear in the following releases:
- iOS version 3.10 - Target June 21 2018 release.
- Android version 2.11 - Target July 5 2018 release.