{"id":542,"date":"2016-03-08T15:24:29","date_gmt":"2016-03-08T14:24:29","guid":{"rendered":"http:\/\/andras.palfi.hu\/?p=542"},"modified":"2016-03-08T15:24:29","modified_gmt":"2016-03-08T14:24:29","slug":"strange-issues-with-certificates-on-ios","status":"publish","type":"post","link":"https:\/\/andras.palfi.hu\/?p=542","title":{"rendered":"Strange issues with certificates on iOS"},"content":{"rendered":"<p>\t\t\t\tGood to know: in case of HTTPS\/SSL\/TLS connection iOS devices cache the used certificate. The side effect come along when you create (get) certificate at runtime and try to use them to connect to a server. The first time you get the certificate challenge, but not the second time &#8211; at least if you try within 10 minutes. This is because iOS (and MAC OS) uses a TLS cache because the computational cost to set up\u00a0a TLS connection is expensive (because of asymmetric key exchange).<\/p>\n<p>To understand why it is necessary read:\u00a0<a href=\"http:\/\/andras.palfi.hu\/to-know-how-symmetricasymmetric-encryption-is-used-in-every-day\/\">http:\/\/andras.palfi.hu\/to-know-how-symmetricasymmetric-encryption-is-used-in-every-day\/<\/a><\/p>\n<p>The problem occurs using\u00a0NSURLConnection or using the same NSURLSession instance.<\/p>\n<p>More precisely the relevant Apple note:\u00a0<a href=\"https:\/\/developer.apple.com\/library\/ios\/qa\/qa1727\/_index.html\">https:\/\/developer.apple.com\/library\/ios\/qa\/qa1727\/_index.html<\/a><\/p>\n<p>Quick solution: use new NSURLSession instances when you want to use different certificates.\t\t<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Good to know: in case of HTTPS\/SSL\/TLS connection iOS devices cache the used certificate. The side effect come along when you create (get) certificate at runtime and try to use them to connect to a server. The first time you get the certificate challenge, but not the second time &#8211; at least if you try [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"hide_page_title":"","footnotes":""},"categories":[3,4],"tags":[],"_links":{"self":[{"href":"https:\/\/andras.palfi.hu\/index.php?rest_route=\/wp\/v2\/posts\/542"}],"collection":[{"href":"https:\/\/andras.palfi.hu\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/andras.palfi.hu\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/andras.palfi.hu\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/andras.palfi.hu\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=542"}],"version-history":[{"count":0,"href":"https:\/\/andras.palfi.hu\/index.php?rest_route=\/wp\/v2\/posts\/542\/revisions"}],"wp:attachment":[{"href":"https:\/\/andras.palfi.hu\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=542"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/andras.palfi.hu\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=542"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/andras.palfi.hu\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=542"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}