The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
Login failures for Apple devices when HTTPS Inspection is enabled on the Security Gateway
Gaia, SecurePlatform 2.6
Platform / Model
After an Apple device is upgraded to iOS 9, it is no longer able to access Apple services and resources (Xcode, iCloud,or software upgrade using iTunes App Store) when HTTPS Inspection is enabled on the Security Gateway.
Note: This behavior is also observed when bypassing HTTPS Inspection.
SmartView Tracker logs shows: Certificate Chain is not signed by a Trusted CA. Certificate DN: 'C=US,O=Apple Inc.,OU=IS&T,CN=gsa.apple.com' Requested Server Name: gsa.apple.com.
Newer authentication which uses Apple Root CA is not included in the Security Gateway's HTTPS Inspection Trusted CAs.