Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

ssl vpn with ios and azure sso - wildcard certificate ?


We have a Fortigate 100E and were able to make ssl vpn from ios with the app with azure sso authentication.

But at the moment it is not working. I guess since an ios update.

We are using a wildcard cert for the sslvpn at 100E.


Could it be that ios is not accepting a wildcard cert and I need to switch to a single?


Error is "Untrusted Connection This Connection is untrusted. press OK to continue" - at ok, nothing happens.


Thank you.



Does the iOS device trust the CA and intermediate CA's that signed the certificate?  Is this a public or private CA?  Why use a wildcard at all?


Yes, it is trusted. It is a public.

Why should I not want to use a wildcard cert?

Because I already bought it, and it is easier to manage one instead of multiple.

In the meantime I asked Fortinet Support.

They told me that the "latest" iOS Version that is supported by Forticlient app is 14.

I think this is crazy, I can not believe it.


That is correct.  I suspect this due to all of the security changes Apple has made in versions since iOS 14 (mainly certificate turst/use!).  VPN, certificates, etc are notoriously difficult for mobile devices.  This especially true when you aren't using an MDM. 


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors