How to trust a self-signed certificate


we have a setup, where our app is required to connect to a remove REST-API on a server, which uses a self-signed certificate. As this is all within a closed, secured network, this is no issue security-wise. However, the app refuses to connect to the server.

We tried to import the root-certificate on the iPad, which works perfectly in Safari-Browser. But the app still refuses to connect, telling that the certificate is invalid.

Any hints or ideas how we can solve the issue are highly appreciated :wink:

Thanks, Heiner

LetsEncrypt provides free certs. I would just use one of those.

No option. The system is provided by our customer who will not provide “real” certificates. Anyhow, after fixing the server configuration, everything works fine. I’m just still confused why the browser behaves differently from the compiled app.

Because mobile OS makers are proactively attempting to drag people like your customer into the 21st century by mandating proper security.