Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
12-07-2021 05:37 PM
Hello,
I’m in the middle of trying to make a gateway for iOS devices and I’m having an issue. I use MobileIron to push out the config and it uses an MI SCEP cert; I’ve added the MI SCEP CA to the PAN device and set it up as the auth profile. If I only do UN/PW I have no issue but as soon as I add cert requirement, the iPhone GP app has an error and if I check the PAN traffic log I see my phone IP traffic behind denied with a session end reason as “decrypt-cert-validation.” Based on what I have been able to read, this might be due to a cert not being X509 compliant.
Can anyone help me understand what specifically is required in the cert or does anyone have any experience with this issue/config?
Thanks in advance.
12-17-2021 11:43 AM
Hi,
not sure if this is related to your issue but I had problems with iOS clients when the portal certificate was valid for more than one year.
I don't have the link at hand, but basically Apple doesn't accept any certificates with a validity longer than one year.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
