- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
10-28-2020 10:39 AM
I have been trying to get this to work for days not and I am not getting anywhere. I always seem to struggle with certs due to how they are chained.
On my Palo I have a rootca (self-signed, certificate authority), intermediateca (issued by rootca, and also certificate authority), then I cut a cert called gp-cert (issued by intermediateca, non certificate authority).
My cert profile includes the intermediateca and the SSL/TLS SP includes the gp-cert.
I have downloaded the intermediateca cert without private key in PEM format and exported the gp-cert with private key in PSK12 format.
My DNS name for my gatway/portal lets say is vpn.company.com
vpn.company.com is the CN for the gp-cert
I upload these to my iPhone11 and when I attempt to connect I get an error:
Cannot verify server identity
There is a problem with the security certificate. The identity of vpn.company.com cannot be verified.
My options are cancel or detail.
Detail gives me the certificate details and thats it.
I always remember I could click continue when this happens so did something change in iOS or is this an issue with my certs and how I have them chained or exported, or even signed?
10-31-2020 04:27 PM
Hello,
Please check if your certificate adheres to these requirements: https://support.apple.com/en-us/HT210176
- DM
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!