Installing X.509 Certificates on iOS Devices

Add an authentication screen to the Hybrid App from which you can authenticate with a generated X.509 certificate instead of a user name and password combination.

1. Copy the X.509 certificate used for authentication into a directory on the same host as SAP Mobile Server. For example, c:\certs.
2. Create a registry string value on SAP Mobile Server at HKLM\Software\SAP\SAP Messaging Server\CertificateLocation and populate it with the path. For example, c:\certs.
3. Name the X.509 certificate file as domain_user.p12, where domain is the SAP Mobile Server domain and user is the certificate user. The user must have read permission for .p12 file.
4. The system administrator must ensure the specified domain\user has “log on as batch job” permission on the Windows machine on which SAP Mobile Server runs:
   1. Double-click Control Panel > Administrative Tools > Local Security Policies.
   2. Expand Local Policies and select User Rights Assignment.
   3. Right-click Log on as a batch job and select Properties.
   4. Select Add User or Group and add the domain\user.
5. The account under which SAP Mobile Server runs must have adequate permissions to impersonate the domain\user, for example, the Administrator account for the domain.

• Testing X.509 Certificates on iOS Devices and Simulators
  Select an X.509 certificate for user authentication to test.
• Apple Push Notification Service
  SAP Mobile Platform provides support for Apple Push Notification Service by pushing notifications to Hybrid Apps when the Hybrid App is offline.