No-Code Mobile Integration > Enterprise Mobility > Verifying that a Certificate Is Trusted by MobileIron Sentry

Verifying that a Certificate Is Trusted by MobileIron Sentry

Introduction

Appdome is a no-code mobile integration platform as a service (iPaaS), supporting a wide variety of implementations for Android and iOS apps.

This Knowledge Base article explains how to implement Certificate Pinning to verify that a certificate is trusted by MobileIron Sentry.

We hope you find it useful and enjoy using Appdome!

When Fusing apps on Appdome with the MobileIron SDK you can enable them for Sentry Certificate Pinning.

You will always want to make sure that your client certificate is indeed trusted by your MobileIron Sentry before you Build your app with Sentry Certificate Pinning. This trust is required when apps access your intranet via the MobileIron Sentry tunnel.

Your MobileIron Sentry must be resolvable and accessible over the internet.

Prerequisites for using Appdome for MobileIron Sentry

In order to use Appdome’s no code implementation of MobileIron Sentry, you’ll need:

  • Appdome account
  • Mobile App (.ipa for iOS, or .apk or .aab for Android)
  • Application set up to be fused with MobileIron AppConnect SDK, to do that follow this guide
  • Signing Credentials (e.g., signing certificates and provisioning profile)

Steps to Take in MobileIron and MobileIron Sentry Environments

Generate a client certificate using the same Certificate Authority (CA) trusted by your MobileIron Sentry. See below how to locate the trusted CA in your MobileIron Core:

  1. Export the client certificate as a P12/PFX file
  2. Import your P12/PFX file into your browser (PC/Mac)
  3. Navigate to your MobileIron Sentry URL over HTTPS (e.g. https://my.sentry.com)
  4. The browser will ask for a client certificate to be used to connect to the MobileIron Sentry, please select your imported client certificate from the list.

View certificate

Export the certificate

If the browser continues to the next step your client certificate is trusted by the MobileIron Sentry.  Otherwise, it is not trusted.

Optional test: You can openssl command line tool to verify the certificate:

openssl s_client -cert myCert.pem -key myCert.key -connect https://my.sentry.com:443 -debug

Once it stops printing out certificate information, just type HTTP protocol command to get main page on that URL and press enter:

GET /

It should give you bit more binary data and successfully decrypt expected HTML page and dump it on the screen.

Appdome Steps to Build Apps with Sentry Certificate Pinning

  1. Under Managment tab, go to Appdome Mobility Suite and enable Sentry Certificate Pinning as seen below
  2. Add a private client certificate file for Sentry authentication
  3. Add your sentry host URL (without https://)

MobileIron Sentry certificate pinning

After Adding MobileIron Sentry to a Mobile App on Appdome

After you have added MobileIron Sentry SDK to any Mobile App on Appdome, there are a few additional steps needed to complete your mobile integration project.

Add Context™ to the Appdome-Built App

Appdome is a full featured mobile integration platform. Within Context™, Appdome users can brand the app, including adding a favicon to denote the new service added to the app.
For more information on the range of options available in Context™, please read this knowledge base article.

Sign the AppConfig enabled Appdome-Built App (Required)

In order to deploy an Appdome-Built app, it must be signed. Signing iOS app and Signing an Android app are easy using Appdome. Alternatively, you can use Private Signing, download your unsigned app and sign locally using your own signing methods.

Deploy the Appdome-Built App to a Mobile Device

Once you have signed your Appdome-Built app, you can download to deploy it using your distribution method of choice. For more information on deploying your Appdome-Built apps, please read this knowledge base.
That is it – Enjoy Appdome for AppConfig in your app!

How Do I Learn More?

Check out Appdome blog or request a demo at any time.
If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Paul Levasseur

Have a question?

Ask an expert

©2020 Appdome, Inc. All rights reserved. This Website requires the use of technical cookies and, with your consent, profiling, and third-party analytics to improve your experience. If you continue to use our Website, or by clicking any items of our Website, you agree to this.