Certificate is Not Signed (iOS)

jawj / IKEv2-setup

Set up Ubuntu Server 20.04 (or 18.04) as an IKEv2 VPN server

1.35k stars 338 forks source link

Certificate is Not Signed (iOS) #149

Closed romatou closed 1 year ago

romatou commented 1 year ago

I installed this IKEv2 config with the following command:

wget https://raw.githubusercontent.com/jawj/IKEv2-setup/master/setup.sh
chmod u+x setup.sh
./setup.sh

Then copied the ios.mobileconfig to iPhone, installed it. Everything is working fine, but how can I fix the Not Signed problem?

IMG_8A4B9733F9F6-1

jawj commented 1 year ago

First, the problem is just that it says 'Not Signed' in red text — it still works, right?

It is actually possible to sign the profile using the same Let's Encrypt certificate we use to identify the server to the VPN client. The issue is, these certificates have a 3 month expiry, so the profile becomes unsigned again pretty fast.

romatou commented 1 year ago

Understood, thanks