Kopano, Z-Push, iPhone (ssl-problem)

kopano

#1

Hi@all,

i’m trying to connect an iphone (ios 12.3) to kopano. Android works. I only have the possibility to switch ssl on or off in the account settings of the iphone. However, the connection is denied because the certificate is not trusted. How do I transfer the certificate from the UCS (here kopano is running) to the iPhone for the connection to work?

with best sven


#2

Hello Pixel,
do you use the UCS self-signed certificate or did you install Letsencrypt. With a vilid Letxencrypt certificate it should work.

Using self-signed cetificate on IOS 10 and above is a little bit tricky.
One quick and dirty method is downloading the root certificate and the SSL certificate onto the iPhone. After that go to Settings - General - Info/About - Certificate Trust Settings, and there is a section called
“ENABLE FULL TRUST FOR ROOT CERTIFICATES”.
Under it lists the certificate(s), you installed previously on your iPhone. Enable them.

After this corcedure you should be able to setup the Kopano account on your iPhone.

I use this method on our company-Exchange Server since 6 years and it worked all the time on alle Apple devices as long as te certificates are not outdated.

It is a poor way to use and so I will switch to Letsencrypt next.

I recommend, first to install and configure Letsencrypt with your Kopano and connect to your Kopano account then.


#3

Hi,

Yes, I also use self-signed certificates. I can find the root certificate in the UMC -> Login -> Menu -> Certificates but where can I find the second certificate?


#4

Login into Univention Management
Goto system - Univention Registry
Type in “kopano” as search item scroll down the result list and find the location:

kopano/cfg/gateway/ssl_certificate_file
	/etc/kopano/ssl/cert.pem
kopano/cfg/gateway/ssl_private_key_file
	/etc/kopano/ssl/private.key

You will need the ssl_certificate_file.

I hope, it works for you. If not, I recommend to install Letsencrypt. With the signed certificates you should have bo trouble.