Configuring client certificates on iOS

Configure the Connections mobile app to allow client certificate authentication on iOS mobile devices.

Before you begin

You can also distribute client certificates by using hclscp links. For more information, see the Importing client certificates by using hclscp links topic.

About this task

Most Mobile Device Management (MDM) products can push client certificates to the iOS device. However, because of iOS security restrictions, the Connections app cannot access these certificates. To work around this restriction, you can import client certificates into the Connections app's keychain.

To import a client certificate on an iOS device, complete the following steps:

Procedure

  1. Append the .hclmbd extension to the client certificate p12 file so that the Connections mobile app can open the file.
    For example: cert.p12 becomes cert.p12.hclmbd.
    Important: If you do not append the.hclmbd extension, iOS installs the.p12 file to the iOS Settings app instead of the Connections app. In that case, the Connections app cannot use the certificate to access the server.

    You can also distribute client certificates by using hclscp links. For more information, see the Importing client certificates by using hclscp links topic.

  2. Distribute the .hclmbd file to your mobile users. Send the file by email or add it to a website that can be accessed from a mobile device.
    Remember: If you distribute the .hclmbd file from a website, you must define an application/octet-stream mime type on the web server for the .hclmbd extension. If the mime type is not defined, iOS reads the contents of the .hclmbd file, decides that the file is a certificate, and sends it to the iOS Settings app.
  3. Provide the following instruction to your mobile users:
    1. Transfer the .hclmbd file to your mobile device.
    2. From your device, tap on the .hclmbd file and select Open in Connections. The Connections app prompts the user to enter the password for the certificate.
    3. Import the certificate. A confirmation message verifies that the certificate was successfully imported.
    4. Open the Connections mobile app and create an account. When prompted, select the certificate that you imported and enter the password.