Security

last person joined: 11 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

IOS 8 devices cannot establish connection to secure server

This thread has been viewed 0 times

  • 1.  IOS 8 devices cannot establish connection to secure server

    Posted Aug 19, 2015 09:11 AM

    Getting cert related issues when trying to connect IOS v8 devices (tried ipods and ipads) to the Guest Captive Portal... Windows laptops, android devices, and even IPad2 IOS v7 works fine... so looks live v8 is being a bit more fussy about our cert.

     

    Weve recenlty upgraded out cert which was close to expiration, and also uses an intermediary cert  and have tried various repackaging of these, but still getting same issues. 

     

    Anyone encountered anything similar, def seems related to IOS8 for whatever reason...

     

     



  • 2.  RE: IOS 8 devices cannot establish connection to secure server

    EMPLOYEE
    Posted Aug 19, 2015 09:18 AM

    If you did not have problems before you changed the certificate, the problem is the cert. What certificate was on there before?



  • 3.  RE: IOS 8 devices cannot establish connection to secure server

    Posted Aug 19, 2015 09:20 AM

    Its a bit tricky to say, as its not really been fully up and running, and weve had lots of other issues to deal with.. been a bit like a 10k hurdle!  Does seem odd that every other device works fine apart from IOS8!

     

    The cert was in the same format as the previous, it just need replacing due to expiraiton...



  • 4.  RE: IOS 8 devices cannot establish connection to secure server

    EMPLOYEE
    Posted Aug 19, 2015 09:23 AM

    Let's gather some facts:

     

    - is it a guest portal?

    - What kind of error, issue does the client have exactly?

    - What are the steps do you use to reproduce the error?



  • 5.  RE: IOS 8 devices cannot establish connection to secure server

    Posted Aug 19, 2015 09:57 AM

    Its hard to get any info.. as Safari doesnt really give us any other info.. I have on occasion had the little cert error pop up box.. but its anyones guess when this decides to show...

     

    Portal login page shows ok, its after login.. when you should be redirected to whatever page the browser should be displaying... 

     

    As I mentioned, of the 8 devices I have in front of me, only the IOS8 ones are giving me grief!  Im trying to see what I can do to obtain some more meaningful info



  • 6.  RE: IOS 8 devices cannot establish connection to secure server

    Posted Aug 21, 2015 10:53 AM

    Def convinced its a Safari issu...

     

    Steps...

     

    Join guest network, open up safari and login/create account

    Then get the safari error about insecure connection to server

     

    If I then try Chrome.. it works fine, no errors.. just log in and away I go...  If I then try Safari, this then works  -  obvioulsy as Ive then passed the auth stages and been granted access.

     

    Viewing the portal login page in chrome, shows a valid (green) cert which has been verified by DigiCert SHA2 Secure Server CA.  I can then login and get access to the internet.

     

    Try to view the same in Safari, and get the error saying it cant establish a secure conneciton to the server.... so the switch to Chrome and log in!



  • 7.  RE: IOS 8 devices cannot establish connection to secure server

    Posted Aug 21, 2015 11:14 AM

    Does the certificate have a valid OCSP URL and is this accessible from the clients?

    It may be related to Safari doing an OCSP check that Chrome is not.