LongRange Developer Forum

The app that we are deploying is for company internal use only, so I was planning on deploying with a self signed SSL cert.

Will this work with LongRange? Is there somewhere on the iPad where you can assign the cert as trusted?

Thanks in advance

This is for an RDMLX LANSA development environment.

This will work for LongRange. Assigning the certificate as trusted beforehand is not necessary.

In your Settings, you will set the SSL switch on and the Server Port will be the SSL port to LANSA for the Web. It's important that SSL is set up and working before trying to run LongRange through it, of course.

Thanks. I will give it a shot.

Just a follow up: It works perfectly.

Thanks again.

We are having issues with IOS 9. The Self Signed certs are no longer working.

I have done some research and find that Apple has introduced ATS which increases security. But it sounds like the default for this new secrity framework is to disallow non-https transmissions and self-signed certificates....Unless the IOS App (LongRange in this case) specifically overrides this setting.

Can anyone confirm whether my understanding is correct, and if the LongRange app has this overrides setting on?

Regards,

Andy

Hi Andy,
I have tried on our environment and it worked OK for me (iOS 9, connecting via SSL to a Windows server, with self-signed certificate).
What error did you get, and at what stage did you get this (e.g. during initial connection after configuring server profile)?
Would it be possible for you to confirm that the self-signed certificate works on iOS prior to 9 (if you have any device that's still running iOS < 9)?

Thanks for the response...that helps.

It's been running for a year using the self-signed SSL cert on OS400 V7.1 for iPads with IOS7 and 8

I have also found today that there is a mismatch between the DNS name and the name on the cert. I had thought the issue that I was having was the self-signed issue based on the Apple Documentation on the new security framework.

However, It may just have been that IOS8.0 is more forgiving on a DNS name mismatch issue.

I will create a new cert tomorrow with the same name as the DNS, and try again, and see if IOS9 starts working again.

Andy

This was the message "An SSL error occurred and a secure connection to the server cannot be made"

I will look in more detail at any logs tomorrow

Okay...... so I have found the issue is SSLV3. It appears that IOS9 no longer supports that.

I can get TLSV1.0 to work...however, it is old and has some bugs in the implementation (Causes other issues for us with image corruptions in V7R1). LPC directed me to turn this off when I was dealing with them in March.

I need to get TLSV1.2 working, but I cannot get it to turn on. Do you have an example of a working IBMi apache config using TLSV1.2?

Regards,

Andy