So we are building a per-app VPN setup using Intune för iOS (iPADOS) units and we pushed out F5 Access app along with Intune F5 Access App which is then configured using F5 Access VPN profile using authentication with certificate which is pushed out to the device from internal CA using connector. Certificates for device is installed fine along side with root and intermediate, the profile in F5 Access app has all the settings correct and the certificate is listed.
On server side we also configured everything with access policy for iOS, we have added certificate for root and intermediate for trust and everything looks as it should but we seem to have missed something and are unable to initiate a VPN connection, the device attempts to start a VPN tunnel but failes to do so with error " An invalid or expired certificate was presented by the server"
What are we missing? Something with the ceritficates? a setting on device? something on server we missed adding the trust?
Any thoughts be much appreciated!
Thanks in advance
Don't have much experience with iOS app. But following article can be followed to troubeshoot clientside issues.
To check, on server (F5) end please confirm if intermediate CA is correctly added in the clientssl profile and primary certificate is not expired. Simple test would be to open the browser and hit the URL to see if certificate is loading fine there.