1 Reply
      Latest reply: Nov 17, 2016 1:43 AM by eskimo RSS
      jeffreyzhao Level 1 Level 1 (0 points)



        I have upgraded my server with Jetty 9.3 to enable HTTP/2.

        My App is using  NSURLSession, is there a way to retreive from the response the TSL version that has been used with the server?

        • Re: How to know in IOS 9 which version of TLS is used
          eskimo Apple Staff Apple Staff (8,720 points)

          There’s no way to get the TLS version that was used for a particular HTTP transaction.  This would make a fine enhancement request for NSURLSessionTaskTransactionMetrics.

          If you want to find out the version of TLS used on a one-off basis, you can look at a packet trace.  See QA1176 Getting a Packet Trace for references to various packet trace tools.

          If you want to force a particular TLS version to be used, you can do this in two ways:

          • If you don’t disable App Transport Security (ATS) for your server, it will enforce TLS 1.2 (or later, if and when such a standard is published and Apple’s OSes support it).

          • You can also pin the minimum and maximum TLS versions by setting the TLSMinimumSupportedProtocol and TLSMaximumSupportedProtocol property in the NSURLSessionConfiguration you use to configure your session.

          It’s very likely that any server that supports HTTP/2 will also support TLS 1.2, so pinning the minimum TLS version isn’t a bad idea.

          Share and Enjoy

          Quinn “The Eskimo!”
          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
          let myEmail = "eskimo" + "1" + "@apple.com"