Transparent authentication of iOS devices using certificates

book

Article ID: 167760

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

The attached documents describe how to setup ProxySG to authenticate iOS devices with pre-installed certificates. The documents only cover basic ProxySG configuration and distribution of certificates and configuration profiles to iOS devices.

For more advanced distribution methods refer to Apple's enterprise documentation found here.
Here's the table of contents of the attached document "iOS_Certificate-based-authentication.pdf":
 
Preface
  • Terminology
    • iOS Devices (iDevices)
    • iPhone Configuration Utility
  • Authenticating iOS devices on ProxySG
    • Solution overview
      • Certificates on iOS devices
      • Distribution methods
    • Requirements
    • ProxySG configuration
      • Install CA certificate
      • Create a separate CA certificate list
      • Install SSL Server Keyring
      • Create HTTPS-Reverse-Proxy service
      • Create Certificate Authentication Realm
      • Create a policy to authenticate iOS devices
    • iOS device configuration
      • Create client certificate
      • Create configuration profile (optional – skip if installing certificates directly)
      • Distribute certificates/configuration profile
      • Install certificates / configuration profile
      • Access web resources through ProxySG
      • Verify iOS device are authenticated
 
The second document ("UC-ios_transparent_authentication-v1.0.pdf") describes the same topic from a different point of view. It is a 1-pager and describes the use case of authenticating iOS devices.
The 1-pager contains enough information for very experienced ProxySG administrators. Most people probably would have to use the more detailed one.

Resolution

The solution is in "Situation" above.

Attachments

Attachments.zip get_app