Hi Quinn, Just a quick follow-up to let you know that we have finally resolved the issue. Following your advice, we initiated the process with our CA to issue a new certificate with an expiry date outside the problematic 8-hour window. It took us a while to get the new certificate fully deployed through our release process, but we can now confirm that everything is working as expected. Your clear explanation and guidance were essential for us to resolve this tricky issue. Thank you again for your excellent support. Best regards,

Hi Quinn, Thank you for the detailed and clear response. We completely understand the restrictions around discussing future releases and the scope of your support. Your explanation regarding the potential for an OTA update was very helpful. We have all the information we need for now and will proceed with the workaround by issuing a new certificate. Thanks again for all your help.

Hi Quinn, While we await the issuance of the new certificate, we would like to confirm a couple of points to deepen our understanding of this issue. First, is there any possibility that this bug will be fixed in a version later than beta8? Second, to verify that this is an issue specific to a certain period, would you be able to provide any other FQDNs and requestable URLs that are known to exhibit the same problem, aside from the one we have already presented? Thank you for your continued support.

Hi Quinn, Thank you for your investigation and for providing a clear explanation of the root cause. We appreciate the detailed analysis and the suggested workaround. Following up on the original point of investigation, we consulted our Certificate Authority regarding SCT compliance with Apple's policy. They have confirmed that our certificate is indeed compliant. Therefore, we are hopeful that the workaround you've proposed will be successful in resolving this issue. Next Steps: Based on your recommendation, we will initiate the process with our CA to request a new server certificate with a Not After date that falls outside the problematic 8-hour window on July 1, 2026. As this process will require some time to complete, we will provide an update in this thread as soon as the new certificate is deployed and we have had the opportunity to validate the results. Thank you again for your continued support on this matter.

Hi Quinn, Thank you very much for your detailed investigation and report. As you suggested, we are now preparing to contact our Certificate Authority (CA). In the meantime, while we await their response, we have conducted our own preliminary investigation into the SCTs, and we would like to share our methodology and findings. Our goal was to verify if the SCT Log IDs served by i.socdm.com are included in the trusted CT log lists provided by Apple and Google. Our verification process is as follows: Extract the Log IDs from the server's certificate chain and convert them to Base64. Check for the presence of these Base64 Log IDs within the official log lists from Apple and Google. Commands and References Used: Log ID Extraction Command: domain="i.socdm.com" log_ids=$(echo | openssl s_client -servername "$domain" -connect "$domain:443" 2>/dev/null | \ openssl x509 -text -noout | \ awk '/Log ID/{sub(/.*: /,""); printf "%s", $0; getline; sub(/^[ \t]+/, ""); print}' | \ tr -d ':') while IFS= read -r hex_id; do base64_id=$(echo "$hex_id" | xxd -r -p | base64) echo $base64_id done <<< "$log_ids" Apple: https://valid.apple.com/ct/log_list/current_log_list.json Google: https://www.gstatic.com/ct/log_list/v3/log_list.json Preliminary Findings: Based on our current understanding and the verification method described above, it appears that the extracted Log IDs are present in both Apple's and Google's trusted lists. However, we are not certain if our verification method is exhaustive, which is one of the reasons we are also consulting our CA. Next Steps: We will continue our investigation into the CT configuration. However, as you noted, debugging CT issues can be complex, and we anticipate challenges. Given this, we would appreciate it if your team could continue to investigate the possibility of an issue within iOS itself. We will update the bug report (FB19729881) as soon as we have a response from our CA or any further findings from our side. Thank you for your continued support.

Hi Quinn, Thanks for the guidance. I have already filed a report in Feedback Assistant for this issue, which I did at the same time as I created this post. The Feedback ID is: FB19729881 I'd still appreciate any information or potential workarounds that might be shared here in the meantime. Thanks again.