Strange issues with certificates on iOS


Good to know: in case of HTTPS/SSL/TLS connection iOS devices cache the used certificate. The side effect come along when you create (get) certificate at runtime and try to use them to connect to a server. The first time you get the certificate challenge, but not the second time – at least if you try within 10 minutes. This is because iOS (and MAC OS) uses a TLS cache because the computational cost to set up a TLS connection is expensive (because of asymmetric key exchange).

To understand why it is necessary read: http://andras.palfi.hu/to-know-how-symmetricasymmetric-encryption-is-used-in-every-day/

The problem occurs using NSURLConnection or using the same NSURLSession instance.

More precisely the relevant Apple note: https://developer.apple.com/library/ios/qa/qa1727/_index.html

Quick solution: use new NSURLSession instances when you want to use different certificates.