In rare cases, devices can have problems connecting to signageOS over secured encrypted connection. Usually it happens if:
the device is misconfigured
it has wrong time
SSL certificate is not acknowledged as a valid one by the device
device network is secured by firewall that blocks the connection
If any of the above mentioned happens, the device is offline and it is not possible to perform any remote management actions.
For such cases, signageOS features a failover connection, that can be on-demand temporarily established. This failover connection connects such device to a non-ssl server.
How it works?
In case Core Apps are not able to connect to the signageOS, they are checking in 10 mins interval to a special endpoint with a self-signed request. This endpoint then can force the device to connect to the non-ssl server. The request is single purpose, encrypted by the private device hash thus secured even though it's not using SSL connection.
In Box, you will see a notification saying that such a device is not able to connect to the SSL-secured server. By pressing a button, you can then force the device connecting to a non-ssl server and regain remote management access.
Even though it's unlikely event, having devices connected to the non-ssl server presents a high security risk. You should use this feature only in case you are certain about network security and immediately turn the failover connection off, once you fix the root cause issue.