Apple - How do I trust a self-signed certificate in iOS 10.3?

I've identified that the specific parameter that Apple looks for when allowing you to manually trust a certificate is the CA Basic Constraint (E.G. critical,CA:true). If the certificate has this extension, the system will allow you to manually trust the certificate.

However the process has one extra step (as opposed to iOS 9.3):

  1. Export the certificate as PEM format
  2. Send the certificate to the device (Safari, Email, AirDrop, etc...) and open it
  3. A message will appear telling you the profile has been downloaded. modal message reading "review the profile in the settings app if you want to install it"
  4. Open the settings app and tap the "Profile Downloaded" item below your Apple ID row. ios settings app
  5. Install the Certificate. You will have to provide your devices passcode. example certificate install prompt
  6. Navigate to Settings -> General -> About -> Certificate Trust Settings
  7. Enable full trust for your certificate certificate trust settings

Tags:

Ios

Security

Keychain

Recent Posts