How do I add a self-signed https certificate?

Discussion in 'iPhone Tips, Help and Troubleshooting' started by interconnect, Jun 22, 2010.

  1. interconnect macrumors regular

    interconnect

    Joined:
    Nov 15, 2007
    #1
    Anyone know how to add a self-signed https certificate for the iPhone? I use a self-signed cert for a webUI for uTorrent via stunnel. In iOS 3.0 it wasn't much a problem; it would kick up a warning but would let you continue. In iOS 4.0 it won't let me continue without adding the cert. apparently. I get a prompt saying that the "certificate for this server is invalid."

    I've tried going to the webUI url in Safari on my mac, viewing the cert. when prompted, and choosing to add it to my keychain and then syncing, but I still get the same prompt with no way to continue or add the cert. I've also tried emailing my self the .cer file and adding it on my iPhone, but it still does not work. Any help would be greatly appreciated!!

    Edit: I've found the profile on my iPhone for the cert. I added, but shows it as "Untrusted".
     
  2. interconnect thread starter macrumors regular

    interconnect

    Joined:
    Nov 15, 2007
    #2
    anyone? i'm at a loss on how to get this to work.
     
  3. clayj macrumors 604

    clayj

    Joined:
    Jan 14, 2005
    Location:
    visiting from downstream
    #3
    You don't.

    The smart thing to do is to pony up the $24.99 per year to get a proper certificate from Go Daddy. Once you install this on your server, the iPhone will properly recognize it when you connect and life will be good. Self-signed certificates are a one-way ticket to unhappiness.
     
  4. Guiyon macrumors 6502a

    Joined:
    Mar 19, 2008
    Location:
    North Shore, MA
    #4
    Huh, been doing that for years and I've never been unhappy. For a personal and private site, spending even $25 a year is overkill. There is nothing inherently wrong with a self-signed cert, other than some large company saying "go ahead, trust it!" (that and not having to manage the whole chain). If this was an e-commerce site or something else where the general public might have sensitive information I would not hesitate in getting a cert with an established and verifiable chain of trust but here it's just not necessary.

    As for loading the cert onto the iPhone, check out the iPhone Configuration Utility. I usually use it to create a configuration profile with my CA and info for my wireless network and it works great. You may need to actually create a self-signed root certificate and then create a regular certificate using it, though; I can't say I've tried using only a self-signed cert
     
  5. interconnect thread starter macrumors regular

    interconnect

    Joined:
    Nov 15, 2007
    #5
    Exactly. I'm not going to spend any money for a little server I'm running at home. Actually I've never had any problems until now. I've tried using the iPhone Configuration Utility and I still get prompted, although I can continue through it now (I had a shortcut to my site on my home screen and when I tried using that it wouldn't work at all. If I use Safari, I am prompted, but can continue through the prompt). Basically, I added my cert. from my keychain in a configuration profile, made sure it is trusted, and still get prompted. The config utility even shows it as trusted. I've tried converting my .pem that is on my server as well and I get the same result. Would the fact that my server is not running on a standard SSL port have anything to do with it?
     

Share This Page