iOS Application Transport Security Requirements - Mobile Applications Broker Server - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - Essential - Premier - Standard - external - Standard - Premier - Essential

Mobile Applications Broker Server

Platform
OnBase
Product
Mobile Applications Broker Server
Release
Foundation 23.1
License
Standard
Premier
Essential

If your solution includes OnBase Mobile applications for iOS, read the following sections to understand specific security requirements for the Mobile Applications Broker Server.

In order to use OnBase Mobile applications for iOS, the Mobile Applications Broker Server must be configured to accept secure (HTTPS) connections, and the Mobile Applications Broker Server must meet the following requirements:

  1. The server certificate must meet one of the following criteria:
    • Issued by a certificate authority (CA) whose root certificate is incorporated into the operating system

    • Issued by a trusted root CA and installed by the user or a system administrator

  2. The negotiated TLS version must be TLS 1.2.
  3. The negotiated TLS connection cipher suite must support forward secrecy (FS) and be one of the following:
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

  4. The leaf server certificate must be signed with one of the following types of keys:
    • Rivest-Shamir-Adleman (RSA) key with a length of at least 2048 bits

    • Elliptic-Curve Cryptography (ECC) key with a size of at least 256 bits

  5. The leaf server certificate hashing algorithm must be SHA-2 with a digest length of at least 256 (SHA-256 or greater).

For additional information about iOS Application Transport Security, refer to the Mobile Access for iPad Product blog on the Hyland Community at https://www.onbase.com/community or contact your first line of support.