im new to this stuff but im having the same problem..and just to clear things up for me, is the username and password for the HTTPS proxy Authentication just your Apple iD username and password?
I just bought an iPhone 4S four days ago and just downloaded iTunes lastnight and i still have to setup the phone but it cant connect to iTunes apparently because the "proxy" verification keeps popping up..can anyone give me a heads up on how to overcome this predicament or is it similar to everyone elses problems? otherwise this phone is useless to me..
Normal users don't usually have a proxy server, and are therefore not prompted for one. I expect this is one of the reasons why I think Apple has ignored this issue so far - out of the eleventy-bazillion people using their devices, only those behind corporate/education firewalls (small percentage really) are affected by this issue.
To answer your question, as you say you ARE being prompted for proxy credentials: These credentials you need are the logon details for user account, on the network that is prompting you. If you get this at work/school/etc then you need to enter the username and password for that network i.e. DOMAIN\USERNAME and password. Generally speaking, these are the credentials you would log on to a desktop computer with.
And when you're done... you too can get the CONSTANT HTTPS Proxy auth nags like the rest of us . I really hope iOS 6 fixes this!
I have received an email from Apple that the Engineering team is asking for more information in order to investigate the issue.
"Are you also experiencing this issue with iOS 6.0 beta 1? (10A5316k)"
Unfortunately I do not have the iOS 6 beta 1 device, nor the proxy to work with. Is anyone facing this issue in iOS 6 beta 1 also?
I tried setting up a little proxy .pac file to no avail. The file does successfully direct my iPad to the proxy I'm sitting behind (and HTTP works just fine), but it still refuses to remember/use the name/password for the proxy when I'm using HTTPS.
I guess some people here are mostly just annoyed by constant asking for proxy password, but I actually want to *use* the HTTPS proxy for things on my iPad. So far I can't find a solution. I wish I had access to iOS 6 to test it. I'd love to hear from somebody else who does.
I am the Network Manager of a High School and am currently looking at completely rejecting IOS devices because of this single issue.
I have many iPad and iPhone users with this frustrating and annoying issue. As we are a school, ther eis no way that we are allowed to circumvent the security and it looks like we will have to scrap the idea of using Apple products and investigate using Windows or Android devices instead. Really cannot believe that Apple are ignoring this.......
I can tell you with absolutely confidence that it is NOT the fault of the proxy server. As I have stated all along:
1) In iOS 4, the system did not handle ANY request for proxy authentication for Apps coded without it explicit. This made sure that web and email (if you configured a proxy in the network settings) were about all that would work. Not even the built-in Weather would work. Our servers just showed the device sending everything as anonymous and bashing it's head against the proxy until the app crashed, gave up, or your battery died. Almost NOTHING in iOS4 actualy used the proxy settings in your WLAN settings, even if you specified "Manual" and "Authenticated" and entered your credentials for it to save.
2) In iOS5, Apple made things better and actually used the proxy server for all network connections (from what I can tell). This change made it no longer a requirment for App developers to specifically code in proxy-awarenes for it to work. This is a MAJOR improvement... with one MAJOR flaw. While Apple provides you a place to enter and save credentials for an authenticated HTTP proxy server, this does not apply to an authenticated HTTPS proxy server. As almost all apps and web-services protect your session with SSL/HTTPS, that results in a LOT of authentication requests that can't be handled by iOS.
3) If you look at the proxy/firewall/network traffic, iOS still tries to do everything unathenticated (like normal). If the anonymous attempt fails, they accept the challenge responses from the proxy like they should, but simply don't allow you to save credentials for the most used type of communication (HTTPS). There are several work-arounds, but none of them great. You could:
a) Turn off authentication on your proxy server and enter the realm of failed governance, accountability, and duty-of-care. Not recommended at all.
b) Implement a solution where the devices are profiled via an identity management solution, added to a DHCP reservation that is allowed to bypass the authentication o the proxy, and/or uses a new SSID that pushes your device onto a new IP range that has authentication essentially turned off (or auto-authenticated via a RADIUS plugin). This will likely be costly.
c) Keep demanding that Apple either provide a "HTTPS Proxy" authentication in iOS (like they do in OSX) and/or use the credentials entered in "Manual" to at least ATTEMPT an authenticated connection when chalenged for HTTPS credentials. Which will fall on deaf ears like it has for the last year.
I sure hope iOS6 fixes this. I guess we'll know in a week or two. The cynic in me wonders what it will break at the same time though
Edit: Some "solutions" out there like NetBox, WebSense, etc., are now adding filters and plug-ins to handle this issue. Some, on connection to wireless with valid credentials, will create a "map" between your IP addres and your user and essentially "inject" your credentials on the way through the filter. It's cool because it may solve this issue. It's not cool because anyone else using that device (if shared), or using that IP address (say, if manually set in their settings), will potentially be authenticating as someone else. If you have a solution that "just works", then it is using trickery to work... but it is NOT how it SHOULD need to work.
Or you guys could just download the icab app.....
It gives you the option to turn the proxy on and off. That way use the sites that need a proxy with safari, and the ones that don't with icab. Or vice versa.
My colleague and I had trouble with the proxy.pac file, turns out it didn't work when saved into our main servers root folder, but it works absolutely fine when saved into our proxy server's root folder.
Without the http:// it won't work.
We have 200 iPads using this this file and it works a treat (plus another 400 coming next year)
If you can't get it to work, it's worth paying someone who is cluey on this to do it for you, as it will save you the biggest headache.
Or just use icab. It costs $2.
Sorry, what are you talking about?
Firstly, this thread relates to the inability for iOS to handle and save authenticated HTTPS Proxy credentials for communication without constantly asking users for input. What this issue is NOT about, is the inability to set up a PAC file (presumably for unauthenticated proxy access) and browse to websites. Safari works just fine for most things (using HTTP), why on earth would you recommend a $2.00 app (per iPad) for this?
Secondly, I resent the implicatation that we don't know what you are doing. The last couple of people responding to this thread are either Network Managers or System Administrators. We kow what we are doing, we can craft a proxy PAC file, heck... I am sure we've even crafted auto-discovery WPAD files which get published through DHCP. A lot of people have this issue, in a lot of different envronments, ad I think we've described the issue and required fix ore than enough times.
Sorry, but a $2.00 browser replacement is NOT the answer here. Apple needs to fix this ASAP. What would completely solve the issue for me is one of the following options:
1) Apple updates the UI for Settings > Network > WLAN > #SSID# > HTTP Proxy, and include a new HTTPS proxy setting like they do with OSX. Simple, but means entering the same information twice in most environments, which won't be great.
2) Apple updates the same interface with an option to use HTTPS Proxy with the same credentials as those entered in HTTP Proxy. Having both options (this and the previous option) wouldn't be a bad thing, because I am sure some sites have two different servers and/or ports to configure for proxy.
3) Better still, allow us to have a "Keychain" and associated app/setting on iOS devices. With this, we can just set "Authentication" to "On" and choose options for HTTP/HTTPS/etc. Apple don't even need to provide a place for a username and password in this UI, because the first use of the proxy will prompt you for the credentials, which you will then enter using a "Save in Keychain" option (like on OSX). For most people/environments, we could just set the HTTP Proxy setting to "Auto" and set our Proxy.PAC file path (or use auto-discovery), and away we go. Makes deploying the settings via MDM a breeze as well.
Any of the above will work perfectly and are similar UI elements to those that Apple already has for their desktop OS. I prefer option (3) as it is one less place that a user needs to enter credentials during a setup, but it will require a fair bit of work on Apples part. All our OSX systems use this setup - one PAC file as "Auto Configuration proxy Script" in both HTTP and HTTPS options, and with credentials pre-filed in the Keychain via our first-logon process (custom scripts). On iOS it would rock - and if it could also manage saving passwords for Apps, websites, etc., just like OSX, it would be great for all users.
So, again, this issue is NOT a "you configured it wrong" issue. Or something that you can "pay someoe who's cluey" to fix. Or one where "there's an App for that". Apple made a pretty silly ommission here, and they need to fix it.
Well, I have come to add my frustration on this bug! Our school has spent an awful lot of money investing in a Innovations room, we have added 6 UAP's and purchased 30 IPADS - we have a great WiFi connection. We have a mixture of Lightspeed and Websense (currently running Lightspeed in paralle due to a upcoming change) running for our filters - we have our proxy settings in the IPADS which we "have" to use, but every time a user clicks on a new link on the IPAD, we get this HTTPS login details and its getting very, very frustrating for the students, teachers and myself!
I have been charged with sorting out this issue. But after coming here, I see that there is no easy solution. Please Apple, pull your finger out. IPADS are becomming a great teaching tool for students, its helping our students express themselves, doing role plays - we need this bug fixed. I cannot have students acting out role plays (as we use Apple TV, and we project each users IPAD on the TV) to be stopped and asked for HTTPS password every 45s.
Sort this out!
Hy, Guys I'am also very interessted to find a solution for this bug, and we are always holding back the Update for iOS 6 becouse we don't know if there was maybe some other Problems with Proxy Authentication after the Update.
Hope Apple will solve this Problem soon... how could it be that a company like Apple have a problem like this?!