Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

ssl vpn with ios and azure sso - wildcard certificate ?


We have a Fortigate 100E and were able to make ssl vpn from ios with the app with azure sso authentication.

But at the moment it is not working. I guess since an ios update.

We are using a wildcard cert for the sslvpn at 100E.


Could it be that ios is not accepting a wildcard cert and I need to switch to a single?


Error is "Untrusted Connection This Connection is untrusted. press OK to continue" - at ok, nothing happens.


Thank you.


Contributor III

Does the iOS device trust the CA and intermediate CA's that signed the certificate?  Is this a public or private CA?  Why use a wildcard at all?


Yes, it is trusted. It is a public.

Why should I not want to use a wildcard cert?

Because I already bought it, and it is easier to manage one instead of multiple.

In the meantime I asked Fortinet Support.

They told me that the "latest" iOS Version that is supported by Forticlient app is 14.

I think this is crazy, I can not believe it.


That is correct.  I suspect this due to all of the security changes Apple has made in versions since iOS 14 (mainly certificate turst/use!).  VPN, certificates, etc are notoriously difficult for mobile devices.  This especially true when you aren't using an MDM. 

Top Kudoed Authors