Post

Replies

Boosts

Views

Activity

IKEv2 vpn profile with self-signed certificate
I am having two issues with an IKEv2 VPN profile and certificates, and I am using Apple Configurator to create the profile. We have a self-signed CA that consists of an intermediate/root chain. The first issue is that when I load the intermediate and/or root into the Certificates section, then, in the VPN section, select Certificate for Machine Authentication, the VPN doesn't connect, and from Console, we get the error "Trust evaluate failure: [leaf MissingIntermediate]." If I load the server cert, the profile connects. I am lost as to why this works, I would assume we would need only the intermediate and/or root. Second issue I am running into, is that when I put the Intermediate CA name into "Server Certificate Issuer Common Name" the VPN does not connect at all. With the server cert or not. If I can provide any more information at all, please let me know. With this being a public forum, I didn't want to include much from my organization but can send it privately. Thank you in advance for any assistance. Screenshot of the console error is attached
0
0
481
Jul ’24