According to the announcement https://support.apple.com/en-us/HT207459, user-installed SHA-1 certificates are not affected by the change in support of SHA-1 signed certificates.
But connection to our backend server on iOS 10.3 beta fails because of unknown CA. Installed certificates are ignored.
- Server certificate, CA certificate and all intermediate certificates are installed on the iOS device.
- All the certificates are SHA-1 signed.
- Certificates are installed using configuration profile in Apple Configurator.
- Connection fails using both NSURLSession and NSURLConnection.
- In previous iOS version the communication with the server works fine.
Is it a bug in iOS 10.3 beta or is there some additional setting to allow SHA-1 certificates?