Transparent authentication of iOS devices using certificates


Article ID: 167760


Updated On:


Advanced Secure Gateway Software - ASG ProxySG Software - SGOS


The attached documents describe how to setup ProxySG to authenticate iOS devices with pre-installed certificates. The documents only cover basic ProxySG configuration and distribution of certificates and configuration profiles to iOS devices.

For more advanced distribution methods refer to Apple's enterprise documentation found here.
Here's the table of contents of the attached document "iOS_Certificate-based-authentication.pdf":
  • Terminology
    • iOS Devices (iDevices)
    • iPhone Configuration Utility
  • Authenticating iOS devices on ProxySG
    • Solution overview
      • Certificates on iOS devices
      • Distribution methods
    • Requirements
    • ProxySG configuration
      • Install CA certificate
      • Create a separate CA certificate list
      • Install SSL Server Keyring
      • Create HTTPS-Reverse-Proxy service
      • Create Certificate Authentication Realm
      • Create a policy to authenticate iOS devices
    • iOS device configuration
      • Create client certificate
      • Create configuration profile (optional – skip if installing certificates directly)
      • Distribute certificates/configuration profile
      • Install certificates / configuration profile
      • Access web resources through ProxySG
      • Verify iOS device are authenticated
The second document ("UC-ios_transparent_authentication-v1.0.pdf") describes the same topic from a different point of view. It is a 1-pager and describes the use case of authenticating iOS devices.
The 1-pager contains enough information for very experienced ProxySG administrators. Most people probably would have to use the more detailed one.


The solution is in "Situation" above.

Attachments get_app