Q: S/MIME certificates in mobileconfig file iOS 8
We use S/MIME encryption in our company, with certificates generated by our own Root CA.
Up until now, I was able to create a mobileconfig file with iPhone Configuration Utility and install the public certificates for the CA and individual users as Credentials payloads. I would then do the same for the private key for the owner of the device.
The certificates were automatically used in the Mail app when mail was addressed to a matching address. This made email encryption relatively painless for the user.
Now, with iOS 8, Mail doesn't seem to pay any attention to certificates installed an a mobileconfig file. The only way I have been able to get encryption to work is by receiving a signed message from another user, clicking on their name and then viewing and installing their certificate. I can certainly manage this, but when we have 70 users with varying technical skills, there are going to be a lot of unencrypted messages sent that shouldn't be.
I am hoping that I am just missing a setting. I am going to have to recommend that users avoid upgrading to iOS 8 until a solution is found.
iPhone 5c, iOS 8
Posted on Oct 10, 2014 9:40 AM