Some Android devices use VPN software that does internet filtering via MITM and then signs those connections with its own certificate (which is added to the user certificate store).
However, Android apps targeting API levels above 23 don't include the user certificate store by default, meaning that those connections fail with SSL errors unless the app has a network-security-config that allows those user certificates. (For example, most browser apps on Android allow user certificates)
See:
Some Android devices use VPN software that does internet filtering via MITM and then signs those connections with its own certificate (which is added to the user certificate store).
However, Android apps targeting API levels above 23 don't include the user certificate store by default, meaning that those connections fail with SSL errors unless the app has a
network-security-configthat allows those user certificates. (For example, most browser apps on Android allow user certificates)See: