With iOS 10.3 Apple changed the mechanism for trusting a self-signed certificate. Before you simply just send the PEM file to your phone and it would install as a profile and the certificate would be trusted. Now that's no longer the case as even after installing the certificate, the cert is not trusted.
Even when I use Apple Configurator to make a profile that trusts my cert, it still doesn't behave as trusted on the system.
How do I trust a self-signed certificate in iOS 10.3?
Best Answer
I've identified that the specific parameter that Apple looks for when allowing you to manually trust a certificate is the CA Basic Constraint (E.G.
critical,CA:true
). If the certificate has this extension, the system will allow you to manually trust the certificate.However the process has one extra step (as opposed to iOS 9.3):