After the latest IOS release on September 19, 2017. IPhone users have complained that they are unable to connect to their respective networks when they have a company enforced authentication method in place. Continue reading and see how you as an administrator can resolve this issue!
Now, one would wonder why would something that always worked stop working? The answer is quite simple, Apple has decided to remove support for SHA-1 Certificates in TLS connections. This is a great move for them as it ensures that their users are more secure. Kudos to them!
With WatchGuard you can follow the below method to get your IOS 11 users up and running in no time!
Fireware OS 12 and WatchGuard System Manager
- Connect to your Firebox
- Open up Policy Manager
- Go to “Setup > Authentication > Web Server Certificate“
- Select “Custom Certificate signed by Firebox“
- Input company details you would like to use eg. CN = RD Group ; O = WatchGuard ; OU = Fireware
- Click “OK” and save the configuration to the Firebox
Now we are going to get the Self Signed Certificate the Firebox just generated
- Open Firebox System Manager
- On the top left hand corner click on View > Certificates
- On the Certificates page you are going to select the certificate we just created in Policy Manager (It should be marked with ” Signed* “)
- When the correct certificate is selected we are going to export it to the local machine by clicking on “Export” and selecting a file location of your choosing
- Now all we have to do is send this certificate to the IOS 11 users via E-mail. Which they are going to import on their device. And that’s it! Users should now be connecting to the Wi-Fi without any problems.