Hi,
Everytime I need to configure an iphone/ipad for zimbra, it's the same painful experience:
what has changed now to get it to accept the zimbra certificate ?
Here again: with an IOS 13.6 ipad, the zimbra self-signed certificate refuses to be trusted
The zimbra certificate is a self-signed one provided with the zimbra install with an expiration date of december 2027
failed attempts: (which worked in the past, but no longer)
1) put the .cer file on a webserver. open safari to the file. the cer file is downloaded and put in a profile.
the certificate can be installed, albeit with several warnings that it cannot be verified and must be approved by the user
-> the certificate in the profile stated "not verified" or "not trusted".
no option to accept it
2) using apple configurator, a profile is created containing the certificate.
that profile is added to the device.
-> the certificate in the profile stated "not verified" or "not trusted".
no option to accept it
3) under general, info/about, certificate trust settings
on previous versions, the certificate could be accepted here
-> not anymore
I saw a post somewhere, that Apple refuses certificates with a validity of more than 825 days. My certificate is such.
Is this correct?
Can I create a second certificate on the Zimbra server with a shorter validity and keeping that along with the current one?
I don't want to disrupt the current ipads/ iphones in use.
Or is the only viable option to give in and buy a commercial certificate?
best regards
glenn
help needed with ipad/iphone zimbra certificate
- fs.schmidt
- Outstanding Member
- Posts: 278
- Joined: Sat Sep 13, 2014 3:37 am
- Location: Brazil
- Contact:
Re: help needed with ipad/iphone zimbra certificate
Hello,
You need to deploy a valid certificate in order to make it work properly.
You can use a free valid certificate from Let's Encrypt or buy a certificate.
You need to deploy a valid certificate in order to make it work properly.
You can use a free valid certificate from Let's Encrypt or buy a certificate.
-
- Advanced member
- Posts: 125
- Joined: Fri Sep 12, 2014 10:35 pm
- ZCS/ZD Version: Release 8.8.15.GA.3829.UBUNTU16.64
Re: help needed with ipad/iphone zimbra certificate
thank you for replying (so quickly)
so it is the last then "Or is the only viable option to give in and buy a commercial certificate?" (granted let's encrypt is not commercial)
a sidenote: for me, the self-signed certificate is valid, I have total control over server and client. now I need to trust a 3rd party because everyone says so
best regards
so it is the last then "Or is the only viable option to give in and buy a commercial certificate?" (granted let's encrypt is not commercial)
a sidenote: for me, the self-signed certificate is valid, I have total control over server and client. now I need to trust a 3rd party because everyone says so
best regards
Re: help needed with ipad/iphone zimbra certificate
Is the certificate you are deploying a chained cert with the CA in there also?
I have no issues installing a CA on the ipad, then installing the cert that was signed by the CA.
I don't use certificates created by Zimbra so I don't know how the are structured. I generate self-signed certs for a few services in our system. As long as the root CA is installed first it just works.
I have no issues installing a CA on the ipad, then installing the cert that was signed by the CA.
I don't use certificates created by Zimbra so I don't know how the are structured. I generate self-signed certs for a few services in our system. As long as the root CA is installed first it just works.
Re: help needed with ipad/iphone zimbra certificate
Any time you use a self signed cert you will have have issues. However you should be able to push the CA cert to the iOS device through MDM