Opened 6 years ago
Closed 6 years ago
#985 closed Bug / Defect (fixed)
iOS: .mobileconfig with .p12 Payload does not work
Reported by: | Zephyer | Owned by: | Antonio Quartulli |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | OpenVPN Connect | Version: | OpenVPN Connect for iOS v1.2.6 |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | Certificate |
Cc: |
Description
openVPN 1.2.6 has the same problems as reported in openVPN 1.2.5 in the following thread;
https://forums.openvpn.net/viewtopic.php?f=36&t=25587
The VPN cert. isn't imported properly, you'll see multiple people responding with different situations vary from MDM implementations to personal (private) situations.
Change History (12)
comment:1 Changed 6 years ago by
Owner: | set to Antonio Quartulli |
---|---|
Status: | new → assigned |
Summary: | openVPN bugged out with importing certificate → iOS: openVPN bugged out with importing certificate |
comment:2 Changed 6 years ago by
Hi,
We install a provisiong profile and a client certificate.
The certificate is being pushed into the keychain of the device, the openVPN used to get the certificatie from the keychain.
comment:3 Changed 6 years ago by
If you are importing the certificate in PKCS#12 format, then you should try reading the FAQ about the new .ovpn12 extension.
comment:4 Changed 6 years ago by
If you are importing certificates as CertificatePayload? within .mobileconfig files, that is currently not-supported as we required some special permission from Apple to have it working again. However, it is already in the pipe.
comment:5 follow-up: 6 Changed 6 years ago by
We've had contact with our MDM POC and Apple, both are saying that the way that openVPN app (1.2.5 and up) is working with certificatpayload isn't how it's supposed to work.
Both are saying openVPN has to solve the problem, not stating that openVPN is trying to get permission from Apple.
So pointing out the it's not supported doesn't work for me, supported with the information that Apple gave to me.
comment:6 Changed 6 years ago by
Sorry, but I think there was a misunderstanding.
Replying to Zephyer:
We've had contact with our MDM POC and Apple, both are saying that the way that openVPN app (1.2.5 and up) is working with certificatpayload isn't how it's supposed to work.
Both are saying openVPN has to solve the problem, not stating that openVPN is trying to get permission from Apple.
So pointing out the it's not supported doesn't work for me, supported with the information that Apple gave to me.
I never said it's Apple's fault. When I said "it is currently not supported" I meant not supported by the OpenVPN Connect app as of now.
In order to work the app requires a special permission granted by Apple after a formal request.
We did request it and we managed to conclude the process last week.
I also mentioned it in my previous comment: the fix is already in the pipe.
comment:7 Changed 6 years ago by
The fix you mentioned that is 'in the pipe', in which openVPN app version is this implemented?
As of today 1.2.7 is available in the AppStore? which doesn't fix the problem.
comment:9 Changed 6 years ago by
Status: | assigned → accepted |
---|
comment:10 Changed 6 years ago by
Priority: | blocker → major |
---|---|
Summary: | iOS: openVPN bugged out with importing certificate → iOS: .mobileconfig with .p12 Payload does not work |
comment:12 Changed 6 years ago by
Resolution: | → fixed |
---|---|
Status: | accepted → closed |
1.2.8 has been approved and is being released to the AppStore? as we speak. I am finally closing this ticket. Please feel free to re-open it if the issue is not yet solved.
Note: please pay attention to the new app ID when writing your own mobileconfig file.
Sorry, in that forum thread there are a lot of issues reported, therefore it's not easy for me to understand what you are referring to.
Are you talking about installing Provisioning Profiles (.mobileconfig files) with a Certificate Payload via MDM?
Or are you importing profile (.ovpn) and PKCS#12 (.ovpn12) separately?