iOS S/MIME Certificate Management

focusvq
New Contributor

I am trying to see if anyone has had any luck/experience with managing S/MIME certificates within iOS.

Specifically, the public key certificates for recipients.

This is an IMAP account, not Exchange, so GAL is not an option here.
I have attempted to create an LDAP with certificates for the users to lookup, this did not seem to work.
I have tried to create a .mobileconfig and load it with either .cer or .pem public keys, as I do with Macs, this does not work.

Short of forklifting to Exchange, please no, are there any options? Does the current MDM framework not support adding keys to the keychain in iOS in a way that Mail can properly detect/use?

3 REPLIES 3

RolfZ
New Contributor II

Hi Focusvq
I am having the same problem. Did you manage to find a solution for this? If so I would be very interested to hear about it.

focusvq
New Contributor

I have not found a solution.

From what I have found, there was apparently a change between iOS 8 and iOS 9 that broke this.

While I am not sure if using com.apple.security.pkcs1 or com.apple.security.pem is supposed to be the correct profile key, neither currently work. But apparently one of those keys worked in iOS 8.

After some back and forth with a sales person at Jamf swearing up and down that Jamf could do this, I finally pushed hard enough to get Jamf to stand up a demo Jamf Pro Cloud instance, where we were able to prove that this cannot be done in iOS 13.

I'm not optimistic for iOS 14 support, but I would certainly appreciate this working again.
Hopefully Jamf can lean on Apple to get this (re-)enabled?
They would certainly have a new account from me for that!

RolfZ
New Contributor II

Thank you for the update and clarification :)
I was in contact with JAMF Support regarding this issue as well. The outcome of this was that I should contact Apple to see if it was even supported.