iOS – How does Safari (on iOS) decide when to present an SSL client certificate?

ios privacy safari ssl

I've installed an SSL client certificate into the version of Safari that comes with iOS 11.4.1. It apparently allows me to access a protected site as expected.

Are there any specific privacy issues that may result from this installation? In particular, how does Safari decide when to present certificates such as mine to web sites? I'd ideally like to have a configuration where Safari ties the certificate to a particular site (or URL) and presents the certificate (i.e. attempts authentication with it) only when I visit that site. Is that possible?

Best Answer

Safari (or any other web client) doesn't present its client certificate unless requested by the website. So your client certificate is safe. The server is always the one asking for the certificate, sending along its own certificate. Therefore, your browser will see that the certificate does not match the one you have, and this will result in failure unless the server sends the right certificate to match yours; in that case, you can be sure you're on the good website.
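The request-driven behaviour described in the answer can be seen at the protocol level. The following is an added example, not code from the original post and not Safari's implementation: it parses a TLS 1.2 `CertificateRequest` handshake message (RFC 5246, section 7.4.4) and offers a client identity only when the server sent one and the identity's issuer is in the server's list of acceptable CAs. The function names, identity labels and sample bytes are constructed for illustration.

```python
CERTIFICATE_REQUEST = 13  # TLS 1.2 handshake msg_type (RFC 5246, section 7.4.4)

def vec(data, width):
    """TLS vector: big-endian length prefix of `width` bytes, then the data."""
    return len(data).to_bytes(width, "big") + data

def parse_certificate_request(msg):
    """Parse one handshake message; ValueError if malformed or another type."""
    if len(msg) < 4 or msg[0] != CERTIFICATE_REQUEST:
        raise ValueError("not a CertificateRequest")
    body, pos = msg[4:], 0
    if int.from_bytes(msg[1:4], "big") != len(body):
        raise ValueError("length field does not match body")

    def take(width):  # read one length-prefixed vector from body, bounds-checked
        nonlocal pos
        start = pos + width
        end = start + int.from_bytes(body[pos:start], "big")
        if start > len(body) or end > len(body):
            raise ValueError("truncated vector")
        pos = end
        return body[start:end]

    cert_types, sig_algs, ca_block = list(take(1)), take(2), take(2)
    if pos != len(body) or len(sig_algs) % 2:
        raise ValueError("malformed CertificateRequest")
    cas, i = [], 0
    while i < len(ca_block):  # each entry: 2-byte length + encoded Name
        n = int.from_bytes(ca_block[i:i + 2], "big")
        if i + 2 + n > len(ca_block):
            raise ValueError("truncated DistinguishedName")
        cas.append(ca_block[i + 2:i + 2 + n])
        i += 2 + n
    return {"certificate_types": cert_types, "certificate_authorities": cas}

def identity_to_offer(server_msgs, identities):
    """Label of the identity to send, or None. identities: label -> issuer Name."""
    for msg in server_msgs:
        if msg[:1] == bytes([CERTIFICATE_REQUEST]):
            cas = parse_certificate_request(msg)["certificate_authorities"]
            # Empty CA list: the server accepts a certificate from any issuer.
            return next((k for k, v in identities.items() if not cas or v in cas), None)
    return None  # the server never asked, so no certificate is sent

# Constructed sample data (placeholder bytes stand in for DER-encoded Names).
CA_DN = b"constructed: CN=Example Client CA"
sample_body = vec(bytes([1, 64]), 1) + vec(bytes([4, 1, 4, 3]), 2) + vec(vec(CA_DN, 2), 2)
SAMPLE_REQUEST = bytes([CERTIFICATE_REQUEST]) + len(sample_body).to_bytes(3, "big") + sample_body
SERVER_HELLO_DONE = bytes([14, 0, 0, 0])
IDENTITIES = {"other-site": b"constructed: CN=Other CA", "protected-site": CA_DN}
```

A server that sends an empty CA list accepts a certificate from any issuer, which is the case where any installed identity could be offered to a site that asks.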