Configure the Connections mobile app to allow client certificate
authentication on iOS mobile devices.
Before you begin
You
can also distribute client certificates by using ibmscp links. For
more information, see the Importing client certificates by using
ibmscp links topic.
About this task
Most Mobile Device Management (MDM) products can push
client certificates to the iOS device. However, because of iOS security
restrictions, the Connections app cannot access these certificates.
To work around this restriction, you can import client certificates
into the Connections app's keychain.
To import a client certificate
on an iOS device, complete the following steps:
Procedure
- Append the .ibmmbd extension to the
client certificate p12 file so that the Connections mobile app can
open the file. For example: cert.p12 becomes cert.p12.ibmmbd.
Important: If you do not append the.ibmmbd extension,
iOS installs the.p12 file to the iOS Settings
app instead of the Connections app. In that case, the Connections
app cannot use the certificate to access the server.
Tip: A .p12 file
follows the PKCS #12 standard for storing cryptography objects as
a single file. Each .p12 file bundles a private
key with a corresponding X.509 certificate.
- Distribute the .ibmmbd file to your
mobile users. Send the file by email or add it to a website that can
be accessed from a mobile device.
Remember: If
you distribute the .ibmmbd file from a website,
you must define an application/octet-stream mime
type on the web server for the .ibmmbd extension.
If the mime type is not defined, iOS reads the contents of the .ibmmbd file,
decides that the file is a certificate, and sends it to the iOS Settings
app.
- Provide the following instruction to your mobile users:
- Transfer the .ibmmbd file to your
mobile device.
- From your device, tap on the .ibmmbd file
and select Open in Connections. The Connections
app prompts the user to enter the password for the certificate.
- Import the certificate. A confirmation message verifies
that the certificate was successfully imported.
- Open the Connections mobile app and create an account.
When prompted, select the certificate that you imported and enter
the password.