iOS 13 TLS issue

Question

I have installed iOS 13 beta version and run my framework which contains a lot of network requests, but I got this error:

2019-09-19 15:01:33.566811+0200 ---[395         


        

Answer 1

I'm going to add some additional information. To check that your certificate is valid you can open it in Keychain Access and check that it contains correct information:

• It expires in less than 825 days;
• Signature algorithm isn't SHA-1 (SHA-256, probably);
• Public key size isn't smaller than 2048 bits;
• There's Extended Key Usage extension with "Server Authentication" purpose;
• There's Subject Alternative Name extension that contains server's DNS.

Config example for OpenSSL:

[ ca ]
default_ca = CA_default
[ CA_default ]
default_md = sha256
default_days = 825
[ req ]
prompt             = no
default_bits       = 4096
distinguished_name = req_distinguished_name
x509_extensions     = req_ext
[ req_distinguished_name ]
countryName                = ...
stateOrProvinceName        = ...
localityName               = ...
organizationName           = ...
commonName                 = google.com
[ req_ext ]
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = google.com
DNS.2 = www.google.com

To generate new key-certificate pair run this command:

openssl req -newkey rsa:4096 -nodes -keyout key.pem -x509 -out certificate.crt -days 825 -config config.cnf