[strongSwan] mobileconfig file - do i need to install a root CA
alex.sharaz at york.ac.uk
Wed Jan 10 12:44:50 CET 2018
I've got a .mobileconfig file set up that will allow a macOS/iOS user to
connect to my SSwan VPN server (5.6.1)
In it I have a cert payload defined containing both the intermediate and
root cert of the server certificate. This all works just fine
However, our security people are objecting to the fact that I'm installing
a root CA on the client device.
Server cert has an intermediate cet between it and the root CA
server config is
If I remove the root cert from the mobileconfig, connection fails. Should I
be able to connect without the root CA in the payload?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users