This article is intended to help users when their environment is using a self signed cert but they still need to use iOS devices. You will need to export the https and installer-ca certs from the FAS jboss console, email them to the iOS device and import them.
Self Signed Certificates
If you are connecting to a server that uses a self-signed certificate, you will need to add that certificate and the associated CA root certificate to the keychain on your client. The server certificate and CA root certificate can be obtained through the FAS Administration screens. The Administering Fusion Application Server document explain how to view and export certificates. You will need to extract the HTTPS Identity Certificate (server certificate) and the Trust Certificate (CA root certificate) that has signed your server certificate.
Once you have exported/downloaded the two certificates, they need to be copied to your client. Clicking the certificate will then provide you with the option to install the certificate on your client.
You should then view the installed server certificate through the appropriate tool (iOS Settings → General → Profiles or OSX Keychain) and confirm that the server certificate is trusted. If it is then your application should connect to the server.
Exporting an identity certificate
- In the Management Console, from the top-right menu select Profiles.
- From the Profile drop-down list, select the management profile.
- From the menu on the left, expand Subsystems > Trust Management and select ID Certificates.
- Select the identity certificate group that you want to work with.
- Select the certificate entry of the identity certificate that you want to export.
- Click Export
- Enter the security password.
- dialog containing the certificate text is displayed.
- Copy the text and paste it into a text editor, then save the file with .cer extension.
- Click Cancel to close the dialog.
https://<GW_IP>:9990/console/ --> Profile --> Management --> Trust Management --> ID Certificates --> select the main-loadbalancer-group
You will then need to export the installer-ca cert from
https://<GW_IP>:9990/console/ --> Profile --> Management --> Trust Management --> Trust Certificates
Import the 2 certs into the iOS device
Now email the 2 certs to the iOS device and import them.
Please sign in to leave a comment.