Having recently been forced to upgrade from my old iphone 5S (ios12), after a data migration to the new(er) iphone SE (ios16) from backup held on desktop mac (not phone-to-phone transfer) the Connect app (ver 3.3.2, 5086) now just gives me "External Certificate Not Found" error if I try to use either of my installed profiles. (EPKI_INVALID_ALIAS, EPKI_ERROR, external_pki_error: identity not found).
I tried deleting the cert P12 from within the app, then re-installing a fresh copy (.ovpn12) via the app, but it has made no difference.
It had been working fine on the old phone although had not needed to use it for a while so I'm not sure how the timings might line up with updates of the app. Anwyay I got the old phone out again to see if it still worked there... It has the same 3.3.2 version of 'connect' and I do NOT get the same error on the old phone, it is evidently finding the cert ok ("Keychain Cert Extraction: 1 certificate(s) found"), but exasperatingly it has mysteriously acquired another problem although I have changed nothing in the solution/config. It now does not connect, getting 'server poll timeout'. At the server I am seeing 'UNDEF common name' (and user name). All the config data seems to be in place as usual at the server. I haven't looked further into this problem yet, but I mention it in case it gives a clue/linkage with the complete stoppage problem on the new phone.
I have struggled to find any relevant information about migrating to new iphones, any differences in cert handling, or this particular error.
Help much appreciated.
Thanks/ Henry
External cert not found after migrating to new iphone
-
- OpenVpn Newbie
- Posts: 2
- Joined: Mon Jan 17, 2022 11:21 pm
-
- OpenVpn Newbie
- Posts: 2
- Joined: Mon Jan 17, 2022 11:21 pm
Re: External cert not found after migrating to new iphone
BTW it's a self-generated/signed certificate.
Why does the connect app not find it now on the new phone even though it seemingly installed it itself OK into the keystore ? (no apparent errors on importing the P12)
Would deleting and re-installing the profiles do anything useful? (I'll try it anyway in due course).
Did the handling of the cert store change impactfully at some point along the recent iphone/ios evolution?
Why does the connect app not find it now on the new phone even though it seemingly installed it itself OK into the keystore ? (no apparent errors on importing the P12)
Would deleting and re-installing the profiles do anything useful? (I'll try it anyway in due course).
Did the handling of the cert store change impactfully at some point along the recent iphone/ios evolution?