Hi
The SSL communication using iPads has NOT been working well after upgrading to iOS9 last Fall.
All the iPads with iOS9 surely fail; iPads with iOS8 have been normally connected for about one year since last Winter and still now.
I wonder ATS(App Transport Security) would cause the failure.
According to the announcement, ATS seems to reject "an invalid certificate".
So, I'd like to know what "an invalid certificate" truly means.
Would you tell me if ATS can supports the server certificate signed with a PrivateCA in addition to a CommercialCA?
The following is our SSL environment:
[PrivateCA]
|
+---[SSL Server] --------------[SSL Clients(iPads-iOS8/iOS9)]
PrivateCA : Certificate Authority privately built up with self-signed certificate
SSL Server : SHA-256, RSA-2048
SSL Clients : PKCS#12
The announcement I mentioned is as follows:
-----------------
Requirements for Connecting Using ATS
The requirements for a web service connection to use App Transport Security
(ATS) involve the server, connection ciphers, and certificates, as follows:
-Certificates must be signed with one of the following types of keys:
-Secure Hash Algorithm 2 (SHA-2) key with a digest length of at least 256
(that is, SHA-256 or greater)
-Elliptic-Curve Cryptography (ECC) key with a size of at least 256 bits
-Rivest-Shamir-Adleman (RSA) key with a length of at least 2048 bits
An invalid certificate results in a hard failure and no connection.
-----------------