You can make a difference in the Apple Support Community!
When yousign up with your Apple ID, you can provide valuable feedback to other community members byupvoting helpful replies and User Tips.
When yousign up with your Apple ID, you can provide valuable feedback to other community members byupvoting helpful replies and User Tips.
Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.
User profile for user: sadfoot
sadfoot Author
User level: Level1 4 points
I'm trying to trust a self signed cert from a server I'm hosting on my network. I have the X.509 cert downloaded on my phone as a .crt file (although I've also tried with a *.cer file). When I click on the file, it prompts me to install the profile through the settings app. I do that, then it adds an entry for that cert in Settings->General->VPN & Device Management. It does highlight in red that the "Signed by" field is "Not Verified".
What I would expect to happen next is to see this cert enumerate in Settings->General->About->Certificate Trust Settings under the "Enable full trust for root certificates" section, but alas, there is no such section. Why? Is it because it is self signed? I had no problem doing this on my iPhone a few years ago, but this is a new iPhone and a new major release of iOS.
iPhone 14 Pro, iOS 17
Posted on Oct 3, 2023 3:43 PM
Similar questions
- Cannot trust self signed certificate on iOS 15.2Hello,I am trying to install and trust a self signed root CA certificate on my device to access services hosted on my internal network.Importing and installing the certificate went well.I however do not have the option available to fully trust the certificate.I have the exact same issue than this one : https://discussions.apple.com/thread/253175842No answer has been provided to this post, other than to switch the toggle on, but this toggle is not displayed at all.Are there any specific requirements to meet for imported certificate to show in this list?I tested different key length (2048, 4096), validity (10 years, 1 year) and signing protocol (sha256, sha512), with no luck.Update from iOS 15.1 to 15.2 does not fix the issue either.I have not been able to find any help on the Internet so far, apart from this article that does not help in this case, the toggle not showing up at all : https://support.apple.com/en-us/HT204477.Thanks a lot for your help. 18721
- Cannot trust self signed certificate on iOS 15.1Hello,I am trying to install and trust a self signed root CA certificate on my device to access services hosted on my internal network.Importing and installing the certificate went well.I however do not have the option available to fully trust the certificate.I have the exact same issue than this one : https://discussions.apple.com/thread/253175842No answer has been provided to this post, other than to switch the toggle on, but this toggle is not displayed at all.Are there any specific requirements to meet for imported certificate to show in this list?I tested different key length (2048, 4096), validity (10 years, 1 year) and signing protocol (sha256, sha512), with no luck.I have not been able to find any help on the Internet so far, apart from this article that does not help in this case, the toggle not showing up at all : https://support.apple.com/en-us/HT204477.Thanks a lot for your help. 11101
- install root certificateHi, how to install root certificate of my Microsoft CA in iphone ? I tried this solution, but my Root CA does not seen in General > About > Certificate Trust SettingsSend a copy of the CA Certs (Root CA and Intermediate CA ) by email to iOS device.Open the cert (attached in the email) and you will get an option to Install.Click the Install button and you will get a warning message. Proceed further to click install.Provide the password(if any) to install the cert.Now you can see the cert has been installed and you will see "Done".Make another change under Settings > General > About > Certificate Trust Settings, and there is a section called "ENABLE FULL TRUST FOR ROOT CERTIFICATES".Under it lists the certificate that you have installed on the device. Once enabled, you are done. 43431
2 replies
Loading page content
Page content loaded
User profile for user: bryanr14
Oct 5, 2023 1:58 PM in response to sadfoot
Hello sadfoot,
Thank you for reaching out in Apple Support Communities. Just to be sure, have you followed these steps:
Trust manually installed certificate profiles in iOS and iPadOS
If you manually install a profile that contains a certificate payload in iOS and iPadOS, that certificate isn't automatically trusted for SSL. Learn how to manually trust an installed certificate profile.
This article is intended for system administrators for a school, business, or other organization.
You must manually turn on trust for SSL/TLS when you install a profile that is sent to you via email or downloaded from a website.
If you want to turn on SSL/TLS trust for that certificate, go to Settings > General > About > Certificate Trust Settings. Under "Enable full trust for root certificates," turn on trust for the certificate.
Apple recommends deploying certificates via Apple Configurator or Mobile Device Management (MDM). Certificate payloads are automatically trusted for SSL when installed with Configurator, MDM, or as part of an MDM enrollment profile.
This information is outlined in this article and may help: Trust manually installed certificate profiles in iOS and iPadOS - Apple Support
If you need further assistance, you can contact Apple Support through this link here: Get Support
Kind regards.
Link
User profile for user: djpavon
djpavon
User level: Level1 8 points
Mar 24, 2024 9:08 PM in response to sadfoot
In Settings->General->VPN & Device Management, tap on your certificate. Then tap on "Install" in the upper-right corner, and agree to the warning. Once you have done that, you can go to Settings->General->About->Certificate Trust Settings, and the certificate should be there, and you can tap the toggle to trust it.
I don't know why there is now this intermediate step in the VPN section. The Apple docs should be updated to mention that.
Link
Trust a self signed ssl cert on iPhone iOS 17