iOS Development Pro Tip for Private CA Usage

Published on 03/22/2019, 190 words, 1 minutes to read

In iOS, in order to get HTTPS working with certs from a private CA; there's another step you need to do if your users are on iOS 10.3 or newer (statistically: yes this matters to you). In order to do this:

Please understand that by doing this, users will potentially be vulnerable to a HTTPS man in the middle attack a-la Superfish. Please ensure that you have appropriate measures in place to keep the signing key for the CA safe.

I hope this helps.

Facts and circumstances may have changed since publication. Please contact me before jumping to conclusions if something seems wrong or unclear.