The Google Chrome browser on Apple iOS devices (iPhone, iPod, iPad) shows certificate warnings or reports that it "cannot connect to the real website". This happens when either using HTTPS Inspection on Smoothwall, or when browsing to HTTPS blocked sites.
On many platforms this can be resolved by installing the Smoothwall HTTPS Inspection Root Certificate Authority (CA) certificate on the device or browser, but Chrome on iOS does not use the system root certificate store, and does not provide a method to manually trust a CA.
This issue cannot be avoided on Chrome, and the Google Chrome development team (Chromium) have are unable to resolve this (http://code.google.com/p/chromium/issues/detail?id=152584).
Note: Safari browser users, and many other apps on iOS devices, do use the local certificate store, so once the root CA is downloaded from Smoothwall and installed on the device, users will not see warning messages.
Procedure
- Download the CA from Smoothwall. See our help topic, Managing HTTPS inspection settings.
- Send the CA to the user, either by email or by means of an external storage device.
- Ask the user to open the file.
- iOS prompts if they want to install the CA, and to input their passcode if they have one.
- If the CA was downloaded with a passcode, enter it and continue.
At the time of writing, it is not recommend using the Chrome browser on iOS with HTTPS Inspection enabled for this reason. Users will still see certificate validation errors for blocked HTTPS websites, however this does not affect their ability to browse the web.
Alternatively, to see another means of installing the certificate by having the user do it themselves without your assistance, see our other knowledge base article, Stop the MITM Attack Warning When My Users are Using BYOD.