Hi,
Everytime I need to configure an iphone/ipad for zimbra, it's the same painful experience:
what has changed now to get it to accept the zimbra certificate ?
Here again: with an IOS 13.6 ipad, the zimbra self-signed certificate refuses to be trusted
The zimbra certificate is a self-signed one provided with the zimbra install with an expiration date of december 2027
failed attempts: (which worked in the past, but no longer)
1) put the .cer file on a webserver. open safari to the file. the cer file is downloaded and put in a profile.
the certificate can be installed, albeit with several warnings that it cannot be verified and must be approved by the user
-> the certificate in the profile stated "not verified" or "not trusted".
no option to accept it
2) using apple configurator, a profile is created containing the certificate.
that profile is added to the device.
-> the certificate in the profile stated "not verified" or "not trusted".
no option to accept it
3) under general, info/about, certificate trust settings
on previous versions, the certificate could be accepted here
-> not anymore
I saw a post somewhere, that Apple refuses certificates with a validity of more than 825 days. My certificate is such.
Is this correct?
Can I create a second certificate on the Zimbra server with a shorter validity and keeping that along with the current one?
I don't want to disrupt the current ipads/ iphones in use.
Or is the only viable option to give in and buy a commercial certificate?
best regards
glenn
help needed with ipad/iphone zimbra certificate
-
fs.schmidt
- Outstanding Member
- Posts: 262
- Joined: Sat Sep 13, 2014 3:37 am
- Location: Brazil
- Contact:
Re: help needed with ipad/iphone zimbra certificate
Hello,
You need to deploy a valid certificate in order to make it work properly.
You can use a free valid certificate from Let's Encrypt or buy a certificate.
You need to deploy a valid certificate in order to make it work properly.
You can use a free valid certificate from Let's Encrypt or buy a certificate.
-
glenndm
- Advanced member
- Posts: 111
- Joined: Fri Sep 12, 2014 10:35 pm
- ZCS/ZD Version: Zimbra 8.8.15_GA_3847 (build 201908
Re: help needed with ipad/iphone zimbra certificate
thank you for replying (so quickly)
so it is the last then "Or is the only viable option to give in and buy a commercial certificate?" (granted let's encrypt is not commercial)
a sidenote: for me, the self-signed certificate is valid, I have total control over server and client. now I need to trust a 3rd party because everyone says so
best regards
so it is the last then "Or is the only viable option to give in and buy a commercial certificate?" (granted let's encrypt is not commercial)
a sidenote: for me, the self-signed certificate is valid, I have total control over server and client. now I need to trust a 3rd party because everyone says so
best regards
Re: help needed with ipad/iphone zimbra certificate
Is the certificate you are deploying a chained cert with the CA in there also?
I have no issues installing a CA on the ipad, then installing the cert that was signed by the CA.
I don't use certificates created by Zimbra so I don't know how the are structured. I generate self-signed certs for a few services in our system. As long as the root CA is installed first it just works.
I have no issues installing a CA on the ipad, then installing the cert that was signed by the CA.
I don't use certificates created by Zimbra so I don't know how the are structured. I generate self-signed certs for a few services in our system. As long as the root CA is installed first it just works.
Re: help needed with ipad/iphone zimbra certificate
Any time you use a self signed cert you will have have issues. However you should be able to push the CA cert to the iOS device through MDM
Who is online
Users browsing this forum: No registered users and 15 guests