Post not yet marked as solved
Thanks for this information. I'll investigate the options you gave.
Post not yet marked as solved
Hi Eskimo,When i say certificate Pinning it's really the fact that i created a class that implements NSURLProtocol class to generate my own keystore and validate some specific certificates for our internal devs environments. The issue i'm actually having is the fact we establish a TlsSession from our native code to handle most of our feature inside the App except some old features that are implemented inside the UIWebView (not the WKWebView). Once we load the features from the WebView it manage to re-use the session previouly created in the native part of the App. The issue comes when we comeback into the native part of the app. No more ways to connect to the server from native code. From the Tls standpoint i started to get "Inappropriate Fallback". So i figured out that the client somewhere in the native send a TLS_SVC_FALLBACK in tls and it seems to try to switch in TLSv1. In the native code i forced MinimumTlsVersion to TLSv1.2 but then i started to get Tls Handshake failures.Based on what i explained above, do you still think that we must switch to trusted certificate even in our dev Environments ?Thanks for all your informations,
Post not yet marked as solved
Hi again,I figured out that once i switch from the WebView into my Native App and try a NSUrlConnection i'm getting the TLS Client asking for TLS_FALLBACK_SCSV.The server return an Inappropriate Fallback message and it stop there.Could you tell me what inside IOS decide to send that TLS_FALLBACK_SCSV flag ...
