Field Maps for iOS, iOS 13+, internal certificates
This is an FYI for anybody unable to sign into ArcGIS Enterprise through Field Maps on iOS due to 'untrusted certificate' warnings, when your organization is using internally signed certificates:
Problem:
After our organization's internal certificates automatically renewed after their expiration date, we were blocked from signing into our ArcGIS Enterprise portal through Field Maps. Interestingly, we still had access through all manner of web-browsers, mostly on Windows machines (Edge, Chrome, Firefox), but also including Safari from the same iPads that were blocking Field Maps.
Solution:
Apparently, all version of iOS from 13 and later automatically reject any TLS certificates with a 'Valid To' date of anything greater than 825 days (2 years + 95 days). Using internally signed certificates will generally allow for much greater lengths of validity, and is more convenient for administration (Ours were set to 5 years). However, iOS will not trust them by default, and as such, will block Field Maps from allowing users to sign onto ArcGIS Enterprise servers using this certificate specification.
After finding this info on iOS documentation, our IT dept issued new certificates with a validity lifespan of < 825 days, and this corrected the problem. As we had great difficulty finding any cases related to this specific issue, we thought our experience might be of helpful to other organizations with similar Enterprise/mobile deployments.
We initiated using PingID to solve the issue. We have been on PingID for close to 4 years now and zero log in issues when not on the company intranet. i.e. mobile devices.
We also are Enterprise Portal
Interesting, I will look them up. Perhaps I can build a case for a budget increase in the future. Thanks, Robert!