I have only recently installed Diversion Standard - everything seem to be working fine but I have a few questions around the data on the Servstats page. Initially I was seeing slu:slh ratio of about 20:1. Having installed a lot of client certificates (and have about 4 devices to go) this is now down to about 2:1 and I have set logging to -l 2 to investigate further.
Looking at the syslog I am seeing three types of output
pixelserv-tls[24063]: handshake failed: shutdown after ServerHello. client 10.55.00.134:56774 server nexusrules.officeapps.live.com
pixelserv-tls[24063]: handshake failed: unknown cert. client 10.55.00.136:58418 server reports.crashlytics.com
pixelserv-tls[24063]: handshake failed: unknown CA. client 10.55.00.134:56803 server telemetry.dropbox.com
Are all three of these in relation to the slu failures?
What is the difference between unknown cert and unknown CA
Also I have some (very few) slm - does this refer to a missing certificate at the website or if not, where should I be looking?
While I have yet to install a certificate on 10.55.00.134, device 10.55.00.136 is a Samsung S7 running Android 8 - I can see the Pixelserv certificate sitting in the Certificates list, yet I am still seeing a steady stream of unknown cert Another user is a Nokia 7.1 running Android 10 - again the certificate is where it should be, but the devices is getting the same unknown cert errors - any idea where I can look to see why these phones are ignoring / bypassing the certs?
.
