Summary
This article describes how to configure an Apple TV® device to recognize an HTTPS Decrypt and Inspect Certificate Authority (CA) certificate
Problem
Apple TV devices may be used on a network where an administrator performs HTTPS Decrypt and Inspect a man-in-the-middle (MITM) interception. As with all devices, the CA certificate used by the Smoothwall to create certificates must be installed locally.
Apple TV devices do not support management tools such as Group Policy or mobile device management (MDM), so it is not possible to automatically distribute certificates.
Solution
HTTPS Inspection CA Certificates can be manually installed on the device as follows:
- On the Apple TV, go to the AppleTV settings menu.
- Select General.
- Highlight Send Data To Apple.
- Press Play (not the normal Select button) and you will be prompted to add a profile.
- Select Add Profile and then enter:
http://[Smoothwall_IP_address]/modules/guardian3/mitm/https_interception_ca_certificate.crt
where Smoothwall_IP_address
is the IP address of the Smoothwall appliance doing the interception
Now your Apple TV device will be able to access HTTPS websites when you are performing HTTPS Decrypt and Inspect.
Note: The process above should also be possible using the Apple Configurator tool, refer to Apple documentation to achieve this.