iOS Application Transport Security Requirements - Mobile Access for iPhone (Legacy) - English - Foundation 22.1 - OnBase - Essential - Premier - Standard - external - Essential - Standard - Premier

Mobile Access for iPhone (Legacy)

Platform
OnBase
Product
Mobile Access for iPhone (Legacy)
Release
Foundation 22.1
License
Essential
Standard
Premier

In order to use OnBase Mobile applications for iOS, the Mobile Applications Broker Server must be configured to accept secure (HTTPS) connections, and the Mobile Applications Broker Server must meet the following requirements:

  1. The server certificate must meet one of the following criteria:
    • Issued by a certificate authority (CA) whose root certificate is incorporated into the operating system

    • Issued by a trusted root CA and installed by the user or a system administrator

  2. The negotiated TLS version must be TLS 1.2.
  3. The negotiated TLS connection cipher suite must support forward secrecy (FS) and be one of the following:
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

  4. The leaf server certificate must be signed with one of the following types of keys:
    • Rivest-Shamir-Adleman (RSA) key with a length of at least 2048 bits

    • Elliptic-Curve Cryptography (ECC) key with a size of at least 256 bits

  5. The leaf server certificate hashing algorithm must be SHA-2 with a digest length of at least 256 (SHA-256 or greater).

For additional information about iOS Application Transport Security, refer to the Mobile Access for iPad Product blog on the Hyland Community at https://www.onbase.com/community or contact your first line of support.