Certificate authentication with AppTunnel with TCP tunneling

Secure Apps for Android supports certificate authentication with AppTunnel with TCP tunneling. An app that uses AppTunnel with TCP tunneling can send a certificate to identify and authenticate the app user to an enterprise server. Depending on the server implementation, this authentication occurs without interaction from the device user beyond entering the AppConnect passcode, if one is required. That is, the device user does not need to enter a user name and password to log into enterprise services. Therefore, this feature provides a higher level of security and an improved user experience.

This feature is supported only with AppTunnel with TCP tunneling, not with AppTunnel with HTTP/S tunneling.

This feature is not available with Ivanti Neurons for MDM.

Inform the Ivanti server administrator that your app requires certificate authentication with AppTunnel with TCP tunneling. The administrator requires this information to correctly configure the feature for your app on the server.

To use this feature, the enterprise server must use client certificate authentication with Secure Sockets Layer (SSL).

App requirements

No additional app development is necessary.

However, the feature is supported only if the app:

  • is wrapped with the Generation 2 wrapper.

  • initiates a connection that does not use Secure Socket Layer (SSL) to the enterprise server. For example, the app can initiate the connection with a HTTP request, but not with an HTTPS request.

IMPORTANT: The connection that this feature makes to the enterprise server is secure; it uses SSL.