blog: add post for private CA usage

3 files changed, 40 insertions, 0 deletions

diff --git a/blog/ios-development-pro-tip-for-private-ca-2019-03-22.markdown b/blog/ios-development-pro-tip-for-private-ca-2019-03-22.markdown
new file mode 100644
index 0000000..65d1a62
--- /dev/null
+++ b/blog/ios-development-pro-tip-for-private-ca-2019-03-22.markdown
@@ -0,0 +1,40 @@
+---
+title: iOS Development Pro Tip for Private CA Usage
+date: 2019-03-22
+for: Katie Berry
+---
+
+# iOS Development Pro Tip for Private CA Usage
+
+In iOS, in order to get HTTPS working with certs from a private CA; there's another step you need to do if your users are on iOS 10.3 or newer (statistically: yes this matters to you). In order to do this:
+
+- Ensure they have installed the profile on their device
+- Open Settings
+- Select General
+- Select Profiles
+- Ensure your root CA name is visible in the profile list like this:
+
+<style>
+img {
+  max-width: 400px;
+}
+</style>
+
+<center>
+![](/static/img/ios_profiles.png)
+</center>
+
+- Go up a level to General
+- Select About
+- Select Certificate Trust Settings
+- Each root that has been installed via a profile will be listed below the heading Enable Full Trust For Root Certificates
+- Users can toggle on/off trust for each root:
+
+<center>
+![](/static/img/ios_cert_trust.png)
+</center>
+
+Please understand that by doing this, users will potentially be vulnerable to a
+[HTTPS man in the middle attack a-la Superfish](https://slate.com/technology/2015/02/lenovo-superfish-scandal-why-its-one-of-the-worst-consumer-computing-screw-ups-ever.html). Please ensure that you have appropriate measures in place to keep the signing key for the CA safe.
+
+I hope this helps.
diff --git a/static/img/ios_cert_trust.png b/static/img/ios_cert_trust.png
new file mode 100644
index 0000000..3673a4a
--- /dev/null
+++ b/static/img/ios_cert_trust.png
diff --git a/static/img/ios_profiles.png b/static/img/ios_profiles.png
new file mode 100644
index 0000000..295d07c
--- /dev/null
+++ b/static/img/ios_profiles.png