Hello Support Community,

i have the following Setup:

CUCM Cluster Version 10.5(2)SU1

Expressway-Core, Expressway-Edge Version X8.5(3)

CUCM IM & Presence 10.5(2a)

Unity Connection Cluster 10.5(1)SU1a

Microsoft ADFS Server

Microsoft ADFS Web Application Proxy

All Servers are SAML based SSO enabled and this works fine.

When the SAML Server is konfigured to do Authentication based on Username and Password all Jabber Clients (internal and external through expressway) are working fine.

now here is the question:

i changed the SAML Server Authentication to do Client Certificate Authentication and gave all Jabber Devices a Client Certificate.

The Jabber for Windows 10.6(4) client works fine internal and external so the setup seems to be ok.

Jabber for iPhone 10.6(3) stops at the point where i have to choose which client certificate to use (internal and external)

Jabber for Android 11.0(0) stops at the point where i have to choose which client certificate to use (internal and external)

so according to the documentation i found the mobile Clients should use the capabilities of the default browser right?

but if i start the Safari browser on the iPhone and navigate to the cucm internal website and click on the link for the selfcare portal it redirects me to the adfs website, i can choose which certificate i want to use for authentication and it works.

same happens on Android with the chrome browser.

so is it a bug or is it not supportet?