Certificate Trust Settings — iOS
If you started using Cloud Middleman before iOS 10.3, you’ll remember that getting started required 4 simple steps:
- Add the device in the dashboard
- Accept the invite by installing the device profile
- Connect to the VPN
- Browse to any webpage to trigger the captive portal screen and Accept the dialog.
With iOS 10.3, Apple introduced a change where users must manually turn on trust settings for any profiles that include a root cert:
In iOS 10.3 and later, when you manually install a profile that contains a certificate payload, that certificate isn’t automatically trusted for SSL.
This is a welcome change from Apple that further enhances user security.
If you want to turn on SSL trust for that certificate, go to Settings > General > About > Certificate Trust Settings. Under “Enable full trust for root certificates,” turn on trust for the certificate.
With this change, there is now one extra step you’ll need to take to get started with Cloud Middleman:
- Add the device in the dashboard
- Accept the invite by installing the device profile
- Turn on certificate trust for the CM cert
- Connect to the VPN
- Browse to any webpage to trigger the captive portal screen and Accept the dialog.
You’ll only need to enable the trust setting when you first install the device profile.
For more info on this change, please see Apple’s documentation: https://support.apple.com/en-us/HT204477
As always, we welcome comments, questions, and general feedback.
