Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid HTTPS, iphone certificate

    Scheduled Pinned Locked Moved Cache/Proxy
    5 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      RickTosch
      last edited by

      Good day,

      I deployed Squid with transparent mode in my environment.
      After enabling SSL filtering, I was able to export CA (.crt) and import in Windows clients.
      How do I do the same for iOS? (iPhone, iPad)
      I read that iOS only takes p12 and pfx.
      Do I need to convert crt to p12?

      Thank you,

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Email it to yourself and click on it on the phone and see what it does.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • R
          RickTosch
          last edited by

          Thank you, I tried that and while the downloaded attachment is recognized as x.509 cert, there is no way to actually open it.

          CORRECTION (success):

          I have 2 3rd party(gmail) mail apps installed which I used to send the .CRT to myself. I sent it to my exchange account using the built-in mail and that allowed me to install it.

          Question begs to mind, how would one install this cert if no default mail was used. My wife for one uses just the 3rd party gmail app to access her emails, not the default mailing app.
          Is there another way?

          Thanks!

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            You need to get the file to the phone somehow. Emailing it is generally the easiest. You can also use Apple Profile Manager, etc. You are asking an iOS question, not a pfSense question.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • R
              RickTosch
              last edited by

              thanks, good point.
              Ill experiment more with this.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.