In general App Transport Security (ATS) does not apply to daemons. The “App” in the name is meant to be taken literally: The extra security checks done by ATS only apply to apps and app-like things, for example, app extensions. Given that, testing with
nscurl
is not meaningful because the
--ats-diagnostics
option causes it to enable ATS even though, as a command-line tool, it wouldn’t normally be enabled.
I need to talk to a self-signed server from a daemon process running even when no user is logged in.
You shouldn’t need to mess with ATS to achieve this goal. The best way to proceed really depends on the specifics of your environment. Is this a test server? A server deployed in a managed environment, like a business or a school? A local server, for example, on a Wi-Fi based accessory? Or something else?
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"