Please check out the English help page (or the German Hilfe) first before posting.
eOS 2.4 only: Mac and iOS users please read this article in case of certificate issues.

Notifications
Clear all

[Solved] eOS 2.4.5: HTTPS certificate Mac OS Catalina and IOS 13 (solved in 2.5)  

Page 1 / 2
  RSS

Eminent Member
Joined: 9 Monaten ago
Posts: 38
24/12/2019 3:45 pm  

Hi,

i am not able to activate HTTPS support, because your certificate is not valid for Mac Os Catalina and IOS 13.

Installed like shown, Error message when testing: "Certificate may not have been installed"

I have tested the procedure on a different Mac with Mojave, it works there.

Any help

regards

Ulmisch


Quote
Member
Joined: 9 Monaten ago
Posts: 116
25/12/2019 4:52 pm  

Same difficulty for iOS. Downloaded and installed Configuration Profile ‘eBlocker - RobBlocker - 2019/08/25’ and set it as trustworthy. Apparently not accepted.


ReplyQuote
Eminent Member
Joined: 9 Monaten ago
Posts: 38
25/12/2019 5:30 pm  

After further tests i can confirm:

certificates work:

Mac OS up to Mojave, not with Catalina 

IOS up to version 12.x., not with version 13.x.

Apparently Apple changed something within the new versions.

I think we will need updated certificates to get them work.

Hopefully they will be delivered shortly....

regards 

Ulmisch


ReplyQuote
New Member
Joined: 9 Monaten ago
Posts: 1
26/12/2019 12:17 pm  

Apple has changed the minimal requirements for certificates to Hash-Algrrithm from SHA-2-family. 
The curent certificate seems to be sha-1. 
Currently I can find no workarounds. 

https://support.apple.com/en-us/HT210176  


ReplyQuote
New Member
Joined: 9 Monaten ago
Posts: 2
31/12/2019 10:04 am  

with 2 Macs Catalina and iPhone iOS13.


ReplyQuote
Member
Joined: 10 Monaten ago
Posts: 51
06/01/2020 5:39 pm  

I tested on iOS 13 and the problem was not the root certificate but eBlocker's server certificate. The TLS filtering worked but the controlbar could not be loaded from the eBlocker itself.

According to the new requirements that stw56132 found:

TLS server certificates must have a validity period of 825 days or fewer (as expressed in the NotBefore and NotAfter fields of the certificate).

Currently, eBlocker's server certificate has a validity of 3 years (1095 days) if the root certificate has the same validity period.

Workaround: create new root certificate with 2 years. Then eBlocker creates a new server certificate with the same validity period.


ReplyQuote
Member
Joined: 9 Monaten ago
Posts: 116
06/01/2020 6:08 pm  

Who will change this?

Certificate on my iPad now runs from 25-08-2019 to 25-08-2022 (3 years), but period can’t be changed in Settings/General/Profile/eBlocker/Details/

Best wishes for 2020. Rob

 


ReplyQuote
Member
Joined: 10 Monaten ago
Posts: 51
07/01/2020 10:47 am  

You would have to create a new root certificate:

  • Go to Settings / HTTPS / Certificate
  • Click RENEW NOW
  • In the SETTINGS tab, select Months valid: 24
  • Click GENERATE CERTIFICATE

The new root certificate must be installed in all clients.


ReplyQuote
Member
Joined: 9 Monaten ago
Posts: 116
07/01/2020 2:58 pm  

Followed instructions, rebooted iPad and iPhone, worked on both! Thank you Boris.


ReplyQuote
Eminent Member
Joined: 8 Monaten ago
Posts: 24
16/02/2020 12:50 pm  
Posted by: @bpr

You would have to create a new root certificate:

  • Go to Settings / HTTPS / Certificate
  • Click RENEW NOW
  • In the SETTINGS tab, select Months valid: 24
  • Click GENERATE CERTIFICATE

The new root certificate must be installed in all clients.

This worked for me! Thank you.


Random liked
ReplyQuote
Active Member
Joined: 7 Monaten ago
Posts: 5
18/02/2020 6:38 pm  

Hello,

I also followed the instructions on my imac (OS X 10.15.3). But there is an error Code: -25294.

So I´m not able to import the certificate. What can I do?


ReplyQuote
Member
Joined: 9 Monaten ago
Posts: 137
18/02/2020 7:06 pm  

Hello,

I can't find this error code!!!

Is this when will it appear?

regards

PIO


ReplyQuote
Member
Joined: 8 Monaten ago
Posts: 200
18/02/2020 7:13 pm  

@zwergkralle

Please attach screenshots, from what you are doing and when the error appears. Without that, it is nearly impossible to help 🙂

Kind regards
Sven


ReplyQuote
Active Member
Joined: 7 Monaten ago
Posts: 5
18/02/2020 8:49 pm  

In the "eblocker 2" GUI I klicked to certificate "download".

Then it was downloaded in my downloadfolder. Then I opend the keychain Access, gone to keyrings "System" and category "certificates". Then I klicked to "import object" and tried to import the downloaded certificate. Then there is the error code. Here is the Screenshot of the error code:error code -25294


ReplyQuote
Member
Joined: 8 Monaten ago
Posts: 200
19/02/2020 7:15 pm  

Can you post your eblocker "License" and "Update" Screen and also your "HTTPS certificate".

I am also not able to find any website with Mac certificate errors which could help.

best regards
Sven


Random liked
ReplyQuote
Page 1 / 2
Scroll to Top