Certificate problem in Safari (iOS)

  • strict warning: Only variables should be passed by reference in /var/sites/e/enterpriseios.com/public_html/sites/all/modules/contrib/captcha/captcha.inc on line 61.
  • strict warning: Only variables should be passed by reference in /var/sites/e/enterpriseios.com/public_html/sites/all/modules/contrib/captcha/captcha.inc on line 61.
  • strict warning: Only variables should be passed by reference in /var/sites/e/enterpriseios.com/public_html/sites/all/modules/contrib/captcha/captcha.inc on line 61.
  • strict warning: Only variables should be passed by reference in /var/sites/e/enterpriseios.com/public_html/sites/all/modules/contrib/captcha/captcha.inc on line 61.
  • strict warning: Declaration of views_handler_field_user_name::init() should be compatible with views_handler_field_user::init(&$view, $data) in /var/sites/e/enterpriseios.com/public_html/sites/all/modules/contrib/views/modules/user/views_handler_field_user_name.inc on line 61.
Maggie_K's picture

Maggie_K

Joined: Sep 15, 2014
Submitted by Maggie_K on May 6, 2014 - 9:51am
Your rating: None (2 votes)

Hi,
I have a problem with opening a website that requires a .p12 certificate with Safari on iOS if I have more than one certificate installed on the device. While entering the page I need to select proper certificate many times when every single element of the page is loading. If I had only one certificate on the device, the right one would be selected by default and there would be no need to select it multiple times. On OS X the problem may be resolved by installing the certificate and adding a New Identity Preference to the Keychain on the Mac to force Safari using particular .p12 certificate to authenticate on the specific page.
Is there any solution for this case on mobile devices with iOS?

‹ Signup for the iOS Developer Enterprise Program Apple Introduces Education Pricing for iPad Air and Retina iPad Mini ›
Top
mdibella's picture

mdibella

Joined: May 6, 2014

Certificate problem in Safari (iOS)

Post by mdibella, Tuesday May 6 2014, 17:58 pm
Your rating: None

Well, you have two problems, and they are both require server-side, not client-side configuration changes.

First, you are being prompted to select a certificate because the server is not sending a trusted certificate authority list to the client during TLS negotiation. Typically this is accomplished by defining a Certificate Trust List and assigning it to the listener serving the website application. The details for doing are implementation-specific and depends the software (Apache, IIS, etc) used on the server and sometimes the version. When the server sends a CA list, the client knows which authority the server wants presented for authentication and can automatically select a client certificate signed by that authority from the keystore.

Second, if you are being re-prompted to select a certificate on every navigation action it probably means that HTTP Keep-alive is not properly configured on the server side. Certificate authentication is processed during TLS negotiation, which happens after the TCP connection is established but before the first HTTP request envelope is passed. If HTTP Keep-alive isn't configured, the server will close the TCP connection immediately after sending the HTTP response. The client then must re-establish the TCP connection, and re-negotiate TLS, forcing re-authentication, which triggers the behavior above.

Top
Maggie_K's picture

Maggie_K

Joined: May 6, 2014

This helped a lot, thank you!

Post by Maggie_K, Friday May 9 2014, 9:01 am
Your rating: None (2 votes)

This helped a lot, thank you!

Top
Peterson14's picture

Yes i was facing the same

Post by , Friday May 30 2014, 19:25 pm
Your rating: None (1 vote)

Yes i was facing the same certificate problem in the safari. I tried very hard to solve the problem but i was even not getting the actual problem. My friend helped to configure it again.

Top

Who is online?

There are currently 0 admins, 0 users and 192 guests online. Connected users: .

Recent Activity