Christine Dodrill - Blog - Contact - Resume - Talks | GraphViz - When Then Zen

iOS Development Pro Tip for Private CA Usage

In iOS, in order to get HTTPS working with certs from a private CA; there’s another step you need to do if your users are on iOS 10.3 or newer (statistically: yes this matters to you). In order to do this:

Please understand that by doing this, users will potentially be vulnerable to a HTTPS man in the middle attack a-la Superfish. Please ensure that you have appropriate measures in place to keep the signing key for the CA safe.

I hope this helps.

This article was posted on 2019-03-22. Facts and circumstances may have changed since publication. Please contact me before jumping to conclusions if something seems wrong or unclear.