05-16-2017 08:49 PM
Hi
If this appeared since iOS 10.3.x why is it a Cisco bug? Can someone please provide a clear explanation of what this means to ISE 2.2 users and what has changed in iOS 10.3.x?
The 'Conditions' in the Bug ID seems to indicate that the PSNs need to install a publicly signed certificate for the purpose of BYOD onboarding.
Thanks in advance.
05-17-2017 04:32 AM
The bug is for documentation purposes, stating the new flow for systems without certificates signed by a well-known root.
There is nothing for us to change in the product.
05-17-2017 08:18 AM
Also, this has nothing to do with the ISE release; it's specifically an iOS 10.3 change in how Apple handles untrusted certificates.
04-30-2018 02:32 AM
Since Apple iOS 10.x, if you manually install a connection profile (as in BYOD), the root cert is not automatically trusted; instead you have to manually select "Enable full trust for root certificates" in Settings > General > About > Certificate Trust Settings. Then BYOD should work at the second attempt.
Apple recommend using Apple Configurator or Mobile Device Management (MDM) to install certs because root certs installed this way are automatically trusted.
There's an Apple doc (dated 2nd January 2018) explaining this - https://support.apple.com/en-us/HT204477.
So any BYOD process using a self-signed or internal root cert will run into this problem. This is why Cisco recommend using BYOD with a public cert from those already trusted by iOS - see https://support.apple.com/en-gb/HT20812 for iOS 11 or https://support.apple.com/en-gb/HT207177 for iOS 10.
So Cisco can't fix this; it's due to a change in Apple iOS.