Identity Certificate not installing properly on OS 3.0

I have the same problem. My identity certificates under «settings -> profiles» are empty, but
visible in the «VPN -> IPSec» settings... ???

Same issue here. The certificate details are blank. Same certificate worked fine before the upgrade.

And us as well. We had a perfectly working cert that after upgrading to 3.0 OR installing fresh (on a restored phone) install, but then seems blank; the sync it supported (SSL to Exchange) no longer works!
I assume no-one has found a fix / workaround yet?!

Cheers,
Dan

I figured this out last night, it appears apple changed the way the Certificates are done with Exchange. Download iPhone Configuration Utility 2.0, on the Exchange screen attach the cert. The cert then gets put in the Profiles as a Exchange Account. The same profile that would show no details previously now shows the details.

Very frustrating that Apple couldn't have a smoother migration for upgrade for Corporate customers. They treat corporate customers like retail users . . . the fact that enterprises can't test prior to the release of software is what prevents iPhone from replacing Blackberry in the enterprise.

To be clear, one still cannot import a functional personal identity certificate even using the iPhone Configuration Utility 2.0 on the Credentials option for Configuration Profiles. You still get a blank certificate. You CAN install an Exchange Certificate using the utility under Credential Name, and this might work for those that terminate SSL on their Active Sync server; however, if you terminate your SSL on a F5 appliance, you can't authenticate since the cert imported with the utility isn't passed to the Exchange Web server in this configuration. We use client certificates for various authentication scenarios and iPhone 3.0 software breaks client certificates. I've tried every format that the iPhone supports and none of them result in a usable identity certificate. Our users are unable to upgrade to 3.0 until this is fixed.

I'm just posting to add fuel to this fire...I am having the same problems discussed in this thread. ActiveSync authentication no longer works when it requires a client side certificate and the user certificate shows up blank under the installed profile.

What's up with removing the domain, username and password fields also?

The domain/user/password fields will be blank if you use the certificate option at the bottom of the Exchange field using the configuration tool. You would need to have your exchange server setup to allow pure certificate authentication. Most people just use a cert for the SSL aspect of the authentication and still pass a user/domain/password to the Active Sync server. I suspect you used the configuration tool instead of simply importing the certificate via gmail or some such.

If we remove the requirement for a client certificate from our SSL proxy, the iPhone can log in and start doing email. The problem is with the individual certificate store on a 3G iphone upgraded to 3.0 I do not yet have a 3G-S phone or a first gen phone to test the same functionality.

Hopefully Apple will release a patch soon-ly.

Poor etiquette to reply to my own post, but a user just stopped by with their new 3G-S phone and I tried to import a personal identity cert and it has the same problem: the certificate is blank and cannot be used for authentication. Apparently certs weren't tested with the 3.0 iPhone...seems like a pretty large oversight.

Sorry I am a noob. Where can I get the certificate from? I downloaded the config tool, but don't know how to put the file on my phone (or where to find it)...

I can also confirm that I have this issue on a new 3G S. Really annoying, as I need to be able to log in to my corporate web sites that require client certs for authentication.

Is there a way to flag this to Apple? If someone can let me know then I'm happy to add my name to the list!

Same problem here! HELP!!!! - does anyone know if apple has flagged this as an issue that will get resolved with a patch?

I am new on this forum. I am curious to know if Apple is reading this support thread and will answer the certificate question.

I have checked with my company ISA server and obviously traces are showing that the user certificate is not sent from the iPhone to the ISA server therefore refusing the connection.

As mentionned in the top message of this discussion, the certificate that was working properly before the upgrade from 2.2.1 to 3.0 is not readable anymore when looking to detail window of the certificate. So the issue seems to be related to certificate attribute's content or missing attributes inside the certificate. I have tried to reload the certificate:

1/ using a pop email account, then the certifcate appeared as unsigned and with blank details (no issuer and no expiration date).

2/ using the iPhone configuration utility 2.0, then the certificate appeared as verified (and not unsigned as before) but with blank details.

- Is anyone know what are the changes that have occurred in the identity certificate management with version 3.0?

- Do you know about certificate that works for exchange synchronization with version 3.0?

Many thanks for your help.

I'd suggest that anybody affected by this bug submits a bug report to Apple via the feedback page, here: http://www.apple.com/feedback/iphone.html

The more people that make themselves heard, the quicker it is liely to be taken care of!

T