Unable to configure Network Agent on iOS 13.4


I've done the following on iOS 12 against SFOS 17.5.10 MR-10 with expected success:

  1. Download the Sophos Network Agent from the app store
  2. Visited the XG's user portal
  3. Downloaded the certificate for iOS

Unfortunately, on iOS 13 - things grind to a halt.

When you attempt to download the cert, it will not open with the agent.  Consequently, the agent will only ever report "Could not evaluate trust".

Is there a fix?

Thank you!




  • Hi  

    This issue is also related to Apple’s new certificate requirement only. (https://support.apple.com/en-in/HT210176)

    All TLS server certificates must comply with these new security requirements in iOS 13

    As of now, NC-54689 raised with the Development team to take the requirement furthers with the upcoming SF OS release. As of now fix version not marked yet as progress or work ongoing.

    Till the time you may use a workaround like Captive portal or IP, MAC-based rule, etc which is suitable based on your infrastructure or setup.

  • In reply to Keyur:

    Thank you for the detailed answer.  It's unfortunate that the fix is not yet underway, is there a way to vote for features so that they can garner traction?

  • In reply to Alexandre Lemaire:


    The development team is working on the issue with the highest priority and when it is available, we will inform you as well as publish the information on our public forums.