User profile for user: keeema
keeema Author
User level: Level 1
14 points

How to Add a Self-Signed Certificate(not verified by third party) to iOS and mark it as Trusted?

Hello,

Within a local network, I need to access a local server over HTTPS which is not public and uses a self-signed certificate generated by openssl.


I need to install this certificate on iOS and mark it as trusted. Unfortunately, the procedure described on Trust manually installed certificate profiles in iOS, iPadOS, and visionOS - Apple Support cannot be used because the certificate does not appear in the "Enable full trust for root certificates" section after installation.


I tried installing the certificate by sharing it via AirDrop and by installing the certificate through a profile in the Apple Configuration tool.

In both cases, the certificate is installed but cannot be marked as trusted in the "Enable full trust for root certificates" section.


On macOS, I was able to install the certificate and mark it as trusted without any issues, and everything works as it should.


How can I achieve the same on iOS?



iPhone 15 Pro

Posted on May 27, 2024 5:49 AM

Reply

Similar questions

4 replies
User profile for user: SravanKrA
SravanKrA
User level: Level 10
434,476 points

May 27, 2024 6:10 AM in response to keeema

AirDropping the certificate itself might not work as expected. While it was a possible method in older iOS versions,current versions often don't recognize the raw certificate file and don't trigger the installation process.


AirDrop is designed for transferring standard file formats like images, videos, and documents. It might not recognize the certificate file format (usually .pem) as something to install.


Imp: Self-signed certificates bypass the usual security checks. Trusting them weakens security and should only be done on a closed, trusted network.


Here's how you can do this:

Installing the Certificate:

  1. Web Server Download: If possible, host the self-signed certificate on your local server. Access the server using Safari on your iOS device. The server should prompt you to download and install the certificate profile.
  2. Email Attachment: Alternatively, email the certificate file (usually in .pem format) to yourself. Open the email on your iOS device and tap on the attachment. This should initiate the certificate installation process.


Reply
User profile for user: keeema
keeema Author
User level: Level 1
14 points

May 27, 2024 6:28 AM in response to SravanKrA

Thank you for the response. Perhaps I did not express myself clearly.


I can install the .crt certificate on iOS. I did it via AirDrop, from Files, from Mail, and through the Apple Configurator tool, and in all cases, it gets installed. I can see it in the VPN & Device Management section.


The problem is that I cannot mark it as trusted in Settings > General > About > Certificate Trust Settings > Enable full trust for root certificates, and subsequently, I cannot access the server in Safari.


Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

How to Add a Self-Signed Certificate(not verified by third party) to iOS and mark it as Trusted?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up