You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Error with client certficate auth on website. iOS7 - OK. iOS8 - error.

I have https website with user certificate auth.


My certificate was generated with options:

  • Certificate key usage: digitalSignature keyEncipherment
  • Extended jey usage: clientAuth



Web server

  • Windows 2008
  • IIS 7.5
  • Server linked to Active directory and check user certificates.


IIS is configured to require SSL user certificate.


User uploaded file

On my iPhone 5s was installed iOS 7.* and everything works fine.

After updating os to version 8.0.2 i am getting error 403.7 (Safari dont send user sertificate).


We take new iphone 5s (ios 8.0.2) and upload the same user certificate. Exec Safari, load website and got the same error.


What was changed in iOS 8 than downt allow us to use user certificates to auth on corporate websites?

iPhone 5s, iOS 8, Any iphone, ipad with iOS 8

Posted on Oct 1, 2014 6:04 AM

Reply
18 replies

Oct 7, 2014 9:50 AM in response to Ar2r

I just spoke to an Apple Engineer. At this time, the official fix is 8.1. He is looking into what could be different about the certs since it works for some people and not others. He said it could be the root CA but not sure yet. He is also trying to get an ETA on 8.1.

I will update as soon as I hear back.


If it is truly a root CA trust issue then it will be impossible to fix on our side.


(BTW, browser or proxy issues are keeping me from seeing most images in the thread. Once I can get that worked out I can see about posting some corresponding ones)

Oct 11, 2014 3:15 AM in response to JJ-USA

Wanted to share experience on a similar issue and that we are facing with HTTPs calls on iOS8


We tried iOS 8.1 beta 2 as well and the issue was not resolved.


We implemented a workaround in our App ( Its an enterprise App ) to get over it for now, you can read below on my experience and workaround


Background :

Ours is a hybrid enterprise App and On login there were 6 HTTPs asynchronous calls simultaneously to get the data. This worked perfectly till iOS 7 , but random behaviour started appearing in iOS8.

Then we tried with HTTP instead of HTTPs on iOS8 and everything worked fine.

Table below captures difference permutations


ProtocoliOSResult
HTTPiOS 7
HTTPSiOS 7
HTTPiOS8/iOS 8 Beta 2
HTTPSiOS8/iOS 8 Beta 2


What's more confusing is that when we used Charles proxy to intercept and analyse request everything worked fine i,e HTTPS calls were working on iOS8 with Charles Proxy

Then after a lot of search and brainstorming we changed the Calls to synchronous ones and called them in sequence , though it had a bit of performance overhead but This SOLVED the problem for now.It seems that there's some issue in handling a few calls simultaneously


I will continue to look more into this and will share anything if I find.

Error with client certficate auth on website. iOS7 - OK. iOS8 - error.

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.