Solved iOS 13 SSL ca certificate untrusted (self signed)
-
Hello everybody,
I updated my iPad to iOS 13. Apple has new requirements for ssl certificates: https://support.apple.com/en-us/HT210176
I recreated my certificates like this:
certconfig.txt:
[ req ] default_md = sha256 prompt = no req_extensions = req_ext distinguished_name = req_distinguished_name [ req_distinguished_name ] commonName = ca.my.domain.tld countryName = DE stateOrProvinceName = NRW localityName = Bonn organizationName = My Company organizationalUnitName = IT emailAddress = info@myemail.tld [ req_ext ] subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer extendedKeyUsage=serverAuth subjectAltName = @alt_names [ alt_names ] DNS.0 = my.domain.tld
csrconfig.txt:
[ req ] default_md = sha256 prompt = no req_extensions = req_ext distinguished_name = req_distinguished_name [ req_distinguished_name ] commonName = ca.my.domain.tld countryName = DE stateOrProvinceName = NRW localityName = Bonn organizationName = My Company organizationalUnitName = IT emailAddress = info@myemail.tld [ req_ext ] extendedKeyUsage=serverAuth subjectAltName = @alt_names [ alt_names ] DNS.0 = my.domain.tld
Create certificate:
# openssl genpkey -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out ca.key # openssl req -new -nodes -key ca.key -config csrconfig.txt -out ca.csr # openssl req -x509 -nodes -in ca.csr -days 365 -key ca.key -config certconfig.txt -extensions req_ext -out ca.crt
After connecting to the server with this certificate, I get the following error:
"The root CA certificate is not trusted for this purpose"
The QSslError is QSslError::CertificateUntrusted (17).
Has anybody an idea what I'm doing wrong?
Sorry about my bad English.
Thank you all
-
I'm sorry, it works perfectly, I used the wrong (old) certificate in my configuration file :'(
-
@Morfio said in iOS 13 SSL ca certificate untrusted (self signed):
it works perfectly,
so mark your post as solved please! Thanks.