code-server/doc/ipad.md

2.3 KiB

iPad

iPad

How to access code-server with a self signed certificate on iPad

Accessing a self signed certificate on iPad isn't as easy as accepting through all the security warnings. Safari will prevent WebSocket connections unless the certificate is installed as a profile on the device.

The below assumes you are using the self signed certificate that code-server generates for you. If not, that's fine but you'll have to make sure your certificate abides by the following guidelines from Apple: https://support.apple.com/en-us/HT210176

note: Another undocumented requirement we noticed is that the certificate has to have basicConstraints=CA:true.

The following instructions assume you have code-server installed and running with a self signed certificate. If not, please first go through ./guide.md!

warning: Your iPad must access code-server via a domain name. It could be local DNS like mymacbookpro.local but it must be a domain name. Otherwise Safari will refuse to allow WebSockets to connect.

  1. Your certificate must have a subject alt name that matches the hostname at which you will access code-server from your iPad. You can pass this to code-server so that it generates the certificate correctly with --cert-host.
  2. Share your self signed certificate with the iPad.
    • code-server will print the location of the certificate it has generated in the logs.
[2020-10-30T08:55:45.139Z] info    - Using generated certificate and key for HTTPS: ~/.local/share/code-server/mymbp_local.crt
  • You can mail it to yourself or if you have a Mac, it's easiest to just Airdrop to the iPad.
  1. When opening the *.crt file, you'll be prompted to go into settings to install.
  2. Go to Settings -> General -> Profile, select the profile and then hit Install.
    • It should say the profile is verified.
  3. Go to Settings -> About -> Certificate Trust Settings and enable full trust for the certificate.
  4. Now you can access code-server! 🍻