How do I connect the iOS Mobile Client to my Server?

  • 1.4K Views
  • Last Post 6 days ago
luca.scarpati posted this 19 July 2018

To connect your iOS mobile to the Scanshare server you need a secure connection, it's completely different from connecting the android mobile client.

Apple does not provide unsafe "http" connections but only secure connections in "https" and a SSL certificate is required to allow a web application to serve HTTPS traffic.

Otherwise the result will be a sad facefrown

or 

To do this, if you do not have a public server already configured and ready to use, with an official trusted certificate for the public DNS, you can follow these two prerequisites:

 1) Configure local DNS;

 2) Configure the FTP to server SSL

 3) Configure the machine to serve SSL.

 

Configure local DNS

  • Open Ultidev Web Server

  • Change the current "http" port (e.g. 60441) and click "OK"

  • Go to the "https" section and add or create a new certificate

  • If the certificate does not exists, you can create a new one

  • Enter a hostname, the DNS to be used is: myenterprise.scanshare.com (where scanshare may be changed with the name of the running application brand).

          Scanshare: myenterprise.scanshare.com

          Document Navigator: myenterprise.documentnavigator.com

          Covert+Share: myenterprise.convertplusshare.com

          Capture & Store: myenterprise.e-bridgecs.com

          ScanZ: myenterprise.scanz.com

  • Select the certificate and click "Next"

  • Here you see some information about the certificate and if the port is not inserted you can add it as TCP / IP Port for SSL: 60440, then when all correct click OK

  • Double check the information in the "HTTPS" section are correct and click "Save config changes"

Note: If the configuration is for local usage on the server only please follow the next two steps to configure the DNS locally on the server, otherwise the DNS must be added to the network / domain DNS server records.

  • Go to C:\Windows\System32\drivers\etc and open the hosts file

  • Add the hostname resolution to the localhost address

  • Done, try to connect via browser by using the configured DNS under HTTPS protocol

 

 Configure the FTP to server SSL:

in practice you have to specify the range of ports to use, the passive host and above all the certificate to use, in our case we will export the local one but if you were using a Trusted you can also add ...

1. Export the certificate from IIS

... select the certificate and export it (remember the password entered because you will have to use it in the application) 

2. Configure the FTP into the application settings: 

Insert the Data port begin and end that FTP can use to communicate, for example we insert the range from 50000 to 50100...insert the Passive host in the our case "myenterprise.scanshare.com" and insert the certificate created above with the password.

Click save and go to next step!

Configure the machine to serve SSL

The method in this article shows how to bind a SSL certificate to the network web service and adds the self-signed SSL certificate to the trusted certificates store on Windows (the same procedure also applies to those who have a real certificate). Afterwards, the self-signed SSL certificate will be fully trusted on the machine. It should be noted that this self-signed SSL certificate will only be trusted on this machine, and not be trusted in general, because, of course, trusted SSL certificates are issued by actual Certificate Authorities.

 

1. Create a self-signed certificate using IIS (skip to the 2nd step if you would like to use the previous created certificate, or skip to the 3rd step if you would like to use your trusted certificate)

       Start IIS Manager and select the top-level node representing the machine itself.

        into Server Certificates section.

    ServerCertificate

            Click on Create Self-Signed Certificate (in the my case)... on the right-side panel.

     

                Specify a friendly-name for the certificate that you are creating.

      

 2. Install the self-signed certificate into Trusted Root Certification Authorities

       Ensure that the newly created self-signed certificate is present in the Trusted Root Certification Authorities certificate store. 

    

  3. Configure the machine to serve SSL

      Copy the Thumbprint value of the certificate and remove all spaces from it (you can use Notepad for that).

                                      

         Copy the Application ID from UltiDev Web Server Explorer: 

    

         Issue the following commands in a Command Prompt with elevated privileges (you get that by using the Run As Administrator option).

    netsh http add sslcert ipport=0.0.0.0:1991 certhash=f17d26877e42317814ed35cae0594a5d0532ec79 appid={4418F59C-B8D3-46D5-9AE3-3114B076FB41}

   

That should be it.

Note in the command the default SSL port which is 1991, configurable in the server network settings. Remember to check eventually firewalls blocking it.

 

Now you are ready to connect:

Add the server address without https (this is normal because it only accepts connections in https laughing), add the port if different from the default and credentials if requested and click connect.

 

 

Enjoy your iOS mobile experience cool!

Order By: Standard | Newest | Votes
Eric Rutgers posted this 2 weeks ago

Hello Luca.scarpati

 

Can you make a tutorial how to use a "lets encrypt" certificate for secure communication?

 

Kind regards,

Eric Rutgers

luigi.zurolo posted this 2 weeks ago

Hi Eric,

 

what do you mean exactly with "lets encrypt" ?

 

Thank you.

Eric Rutgers posted this 6 days ago

Hello Luigi Zurolo,

 

In the above "How to" is a certifacte used to connect to a iOS device.

Can I also use a free certifacte for a secure and valid connection?

https://letsencrypt.org/

 

 

Kind regards,

Eric Rutgers

luigi.zurolo posted this 6 days ago

Hi Eric,

ah "let's encrypt" is the name of a certificates service. Yes you can use any certificate you wish just like any general SSL applications. Also because you might be using an official certificate as well if you deploy the application with external internet access under an official and regular DNS.

You can understand we cannot create a tutorial for any type of certificates service because there are simply thousands of them available on the internet. Our tutorial aims how to configure a generic certificate and since SSL and certificates are a common concept equal and transparent to the certificate you are going to generate / buy / create this is valid for all type of certificates.

Of course configuring SSL requires also background knowledge about networks, security and SSL / certificates in order to have full confidence about what's a certificate and how it can be used.

  • Liked by
  • Eric Rutgers
Close