It seems Apple has added an extra step to get self signed certificates working. You now have to manually go in and approve the downloaded certificate as a provider before it can be enabled with full trust.
So it seems we need to update our instructions for this workaround.
Fixed for iOS 12 now.
The iPad got upgraded to iOS 13 and I cannot get things to work. The instructions seem correct, but Safari refuses to connect to the VNC session.
This is what I see in the server log:
> 2019-10-16 09:38:32 INFO tlwebaccess: [::ffff:10.48.0.101] 'GET /vendor/pako/lib/zlib/inffast.js HTTP/1.1' 200 -
> 2019-10-16 09:38:32 INFO tlwebaccess: [::ffff:10.48.0.101] 'GET /vendor/pako/lib/zlib/adler32.js HTTP/1.1' 200 -
> 2019-10-16 09:38:32 INFO tlwebaccess: [::ffff:10.48.0.101] 'GET /vendor/pako/lib/zlib/inftrees.js HTTP/1.1' 200 -
> 2019-10-16 09:38:33 ERROR tlwebaccess: [::ffff:10.48.0.101] gnutls_handshake: The TLS connection was non-properly terminated.
> 2019-10-16 09:38:33 INFO tlwebaccess: [::ffff:10.48.0.101] 'GET /app/images/error.svg HTTP/1.1' 200 -
So it seems it bails out during the TLS handshake for the WebSocket connection. Just like when it doesn't like a certificate.
Works fine for eudemo though, so it doesn't seem to be a general problem.
Hooked it up to the mac and got an error code out of it: "OSStatus -9807", which apparently means errSSLXCertChainInvalid.
So right now it does indeed look like they've changed something regarding certificate checking. :/
Seeing this connection error for multiple machines, so it is unrelated to this bug. Moving to bug 7401.
After producing a proper certificate on bug 7401 everything now works fine. So the new instructions are correct.