CUMA IPhone Error Certificate

Pablo Ivan Mendoza Neri · ‎12-16-2010

Hello

I have an IPhone3G with Moibile Communicator 7.1.4, but when I Try to connect to the CUMA Server I get a error message "Invalid Certificate (1204)"

The Connection is trough an ASA, In the ASA I Have a Verisign Certificate.

Any Idea for This.

Regards.

Christos Georgiadis · ‎12-16-2010

Here are just a few thoughts.

Are you connecting from the internal enterprise network ? This will not work since you don't connect to the external ASA interface.

What are you using to connect to ASA ? IP address or FQDN? It should match the one the certificate is issue for

Can you download openssl and see what certificate you will be presented with ?

Here the command you use

openssl s_client -connect cuma.com:5443 where cuma.com is the fqdn/ip address you use in your iphone.

You should be presented with the verisign certificate.

HTH

Christos

tahequivoice · ‎01-10-2012

We are having the same issues with 2 Cuma installs, different customers, different firewalls, but both have the same errors. Ran a debug while doing the openssl.

CRYPTO_PKI: No suitable trustpoints found to validate certificate serial number:

I get this as the last line that shows the full subject name, which matches the trustpoint.

I get this as the last line in the openssl command

Verify return code: 19 (self signed certificate in certificate chain)

Now here is a question that is bugging me. The hostname of the ASA is different than the hostname used for Cuma connections. Will that cause an issue?

mnour401917_2 · ‎03-15-2011

Hi,

Did you end up fixing your issue, i have the same problem.

Thanks

Mohammed