There is a difficulty is when using a HTTP connection.
It must be HTTPS (with some exceptions that I will not bother with).
It is not possible to use certificates signed be a known authority on internal networks.
The approach we are taking is to create our own signing authority, install the root certificate on the iPads using the network, and issue our own (our customers own) certificates.
On another post here I am advised:
Using a self-signed leaf certificate puts you far off the well-trodden path, and it’s something I actively recommend against.
What is the proper, "Apple way" to achieve this?
Using the self-signed certificate root is causing some of our customers conniptions. They are not sure if they have the correct root certificates installed, and the connections are failing.
There must be a better way.