In 2017 Apple changed the security requirements for all apps in the app store. The Lucity Mobile app was updated to meet these same requirements. The changes are that your server that is running the Lucity Mobile Server:
• Must use SSL
• Must be using a certificate with strong encryption
• Must support TLS 1.2
• Must be configured for perfect forward secrecy
If you do not meet these requirements the Lucity Mobile iOS app will attempt to connect to your mobile server but will ultimately fail.
With this setup, you can either use a DMZ server or an internal server with the tablet using a VPN to access the network. Either of these options is acceptable, but both still require the use of SSL. If you are not using SSL, you will need to configure or procure and configure a certificate. Once you have the certificate configured you will need to make sure you meet the other requirements (TLS 1.2 and perfect forward secrecy).
We are particularly fond of a tool called IIS Crypto which is discussed in this blog post for making sure your IIS SSL configuration is secure and meets the minimum requirements: https://scotthelme.co.uk/getting-an-a-on-the-qualys-ssl-test-windows-edition/
Alternately, here are some other articles on configuring TLS 1.2 and perfect forward secrecy.
- TLS 1.2 (Note this is probably only relevant on Windows 2008r2 because it should be enabled already on 2012 and 2012r2): https://support.quovadisglobal.com/kb/a433/how-to-enable-tls-1_2-on-windows-server-2008-r2.aspx
- Perfect Forward Secrecy (this only handles minimal configuration, the IIS Crypto tool goes beyond this): https://technet.microsoft.com/en-us/library/security/3042058
It is very important that you also make sure that your GIS Map Services are also SSL and that the server used for these services also meets the minimum configuration.