I am building a command line app to interface to a Bosch Smart Home Controller (SHC) using URLSession and running into a problem with certificate authentication. Sending a request to the SHC results in a -1202 error "The certificate for this server is invalid..." which was expected as it's counted as a self-signed cert. In URLSessionDelegate SecTrustEvaluateWithError returned the CFError.localisedDescription Smart Home Controller Productive Root CA” certificate is not trusted So I used SecItemAdd to add this certificate to my login keychain and then set it to "Always Trust", but the error still persists. routines:OPENSSL_internal:SSLV3_ALERT_BAD_CERTIFICATE:/AppleInternal/Library/BuildRoots/a8fc4767-fd9e-11ee-8f2e-b26cde007628/Library/Caches/com.apple.xbs/Sources/boringssl/ssl/tls_record.cc:592:SSL alert number 42 I've tried various workarounds and also added an intermediate certificate received from the SHC to my login keychain with "Always Trust" set but the error persists - am I missing something?