Using an Intermediary SSL Certificate on iOS and Android
About this task
In order for the Webspace app on iOS or Android to trust a server certificate, it must be able to trust the entire SSL certificate chain, including any intermediate certificates and all root certificates. Use these steps to make a server certificate that will provide the entire SSL certificate chain.
Procedure
- Obtain all .crt files included in your certificates chain, and .key files being used on the Webspace Host.
-
Concatenate your .crt and all intermediate and root .crt files. (Combine them into a final file as follows: copy test_server.crt+intermediate.crt+root1.crt+root2.crt server.crt)
Note: There may be 0 or more intermediate files and 1 or more root files. If your .crt file is self-signed, you will just need to rename your .crt file to server.crt.
- Rename the key file from step 1 to server.key so that it matches the newly created server.crt file.
- Copy these two files onto the Webspace Host (for instance: c:\Data).
- Launch the Admin Console.
- On the Tools menu, click Host Options.
- Click the Security tab.
- Change the transport to SSL and increase the encryption level to 256-bit AES, if you have a high-encryption license. If not, leave it at 56-bit.
- Browse to the SSL certificate server.crt in c:\data and click OK. You should not see an error message at this point if you have .crt and .key files with the same prefix.
- Enable Notify users when connections are secure for testing purposes.
- Click OK.
- Start a Webspace session from an iOS or Android device.