Re: Android and Internal SSL Certificates

troysp · ‎05-02-2022

Hello,

We have deployed an public app to some of our phones that talks to an internal server on our network using the Tunnel app. This appears to work just fine from iOS devices but not Android devices. We pushed the internal CA and ICA certificates to the devices using a device profile and this works just fine on the iOS devices. This does not appear to work on the Android devices. The app will not connect to the server even though a packet capture can see the traffic making it to the internal server from the UAG appliance. I know this is an SSL/certificate issue because we can use the standard HTTP version of the site just fine so this eliminates any issue with tunneling that I can think of.

Has anyone else run into this issue and how did you resolve it? Should we be pushing CA certificates differently to Android devices versus iOS devices? I do have a ticket open with VMware on this issue also but it is not going anywhere right now and any help is greatly appreciated.

Thank you

Troy

gmanjohal · ‎05-23-2022

Hey, in my experience Android needed all certificates in one payload, is the SSL cert being pushed in the same payload as your internal CA certs or a separate profile?

troysp · ‎06-07-2022

Hello,

Can you tell me what you mean by one payload? I am configuring a profile with the credentials. I have tried uploading just the ICA and root CA certificates to the profile. I have also tried a .cer file with the complete chain in it. Neither one works for me. VMware is telling me it has to be in bas64 encoding but the formatting of the certificates whether it is exported as base64 or pem seem to look exactly the same. I am not sure I am missing something here but when you mentioned payload it makes me think that maybe we need to deploy the certificates another way rather than a profile.

Troy Sprouse

All

Android and Internal SSL Certificates