NEXT Engineering
Published in

NEXT Engineering

Self-signed certificates in iOS apps

How to register self-signed certificates on your iPhone/iPad to use them in Cordova hybrid apps

Apps should communicate securely via SSL with their backend. Self-signed certificates are an inexpensive option to use SSL communication also in development environments.

By default, iOS will block all communication attempts of a Cordova app with a self-signed certificate. You will see an error message along those lines:

[Error] WebSocket network error: The operation couldn’t be completed. (OSStatus error -9807.)

The error code 9807 points to an invalid certificate chain because your self-signed certificate wasn’t based on one of iOS’s trusted root certificates (like Comodo or GoDaddy).

So how to make iOS accept your self-signed certificate?

First, email your root certificate (e.g. fake-root-cert.pem) to yourself. Next, open the email on your phone, and click the attachment. This will open the iOS Setting up and offer you to install the certificate as a Profile.

Click on emailed certificate to install it as Profile

Second, instruct iOS to fully trust the installed root certificate. For this, open again the iOS Settings app. Then navigate to “General” > “About” > “Certificate Trust Settings”. In the section “Enable Full Trust for Root Certificates”, enable your root certificate.

Trust your root certificate

With this, your app can connect now with the self-signed certificate to the backend.

Happy coding!

--

--

NEXT is collaborative product discovery platform. Product teams at hundreds of organizations including Deloitte, Canon, Bosch, CGI, and BASF use NEXT to engage with their customers, gather evidence of their unmet needs and aspirations, and iterate offerings their users love.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store