Profile Photo
HI,   We have NEAppProxyProvider VPN client deployed and the VPN server is using the self signed certificate. We install this server self signed certificate on devices using MDM. In this case TLS handshake still fails saying "Invalid Certificate Chain" so we have couple of questions here: 1. Should self signed certs not work with TLS handshake… (Show more)
in Networking
Profile Photo
HI, Is there any way to workaround the new iOS 13 TLS policies checking for TLS server cert validity for 825 days and so on? Can we override the TLS validation using Secure Transport to manually trust such certificate of longer validity that this limit and others such as SAN requirement (I think SAN we can override using SecPolicyCreateSSL())?… (Show more)
in Networking
Profile Photo
HI, We faced an issue where the NEAppProxyProvider based per-app VPN fails to connect when device is enrolled in the User Enrollment mode. This occurs as NEAppProxyProvider can not lookup the client TLS identity based on the persistence reference passed in VPN profile. We are using following code to get the client identity and certificate from the… (Show more)
in Networking
Profile Photo
Trying to compile my app using XCode 11.0 Beta 2 and I see that SecTrustedApplicationCreateFromPath() has been removed.   A little surprising, usually things are deprecated for a year or so before being removed.   I don't see any alternate API being recommended, and I have no idea how to proceed.   I just need to share a keypair between a daemon… (Show more)
in Security