Any plans in the pipeline to implement client-side certificate validation into the iOS App? End state is to ensure only authorized devices can even access the Nextcloud instance. It’s easy to implement in Apache, the app just needs to option to authenticate with the installed certificate in the phone’s keychain.
j-ed
April 20, 2021, 8:46am
2
This feature has already been addressed with in this request, but hasn’t yet been implemented:
opened 05:30PM - 28 Apr 19 UTC
### Expected behaviour …
Option to configure a Nextcloud account to include an SSL User's Private Key and Certificate to connect to the server.
The use of an SSL Client certificate greatly improves the security. It protects the SSL connection against SSL decryptors deployed here and there and many other threats. It also improves the security in the mobile device by moving the private key to a memory space where nothing can touch it.
As a first step, it should be easy to add this as an extra option to account but still require the password or the access token. In a further release, it would be possible to use the certificate as the only authentication but that requires more effort and more config in the SSL engine facing the Nextcloud service as well as in the Nextcloud config itself to map certificates names to usernames.
### Actual behaviour
To use such a client side certificate is not an option as of now
### Steps to reproduce
N/A
### iOS version
N/A
### App version
Latest
### Server configuration
N/A
**Operating system**:
N/A
**Web server:**
N/A
**Database:**
 N/A
**PHP version:**
N/A
**Nextcloud version:** (see Nextcloud admin page)
 N/A