iOS 9 ATS SSL error with supporting server

Question

I installed Xcode 7 and tried running my app under iOS 9. I'm getting the infamous error: Connection failed! Error - -1200 An SSL error has occurred and a secure connection to the server cannot be made. The thing is my server DOES support TLSv1.2 and I'm using NSURLSession.

What could be the problem then?

Answer 1

Apple has released the full requirements list for the App Transport Security.

Turned out that we were working with TLS v1.2 but were missing some of the other requirements.

Here's the full check list:

1. TLS requires at least version 1.2.
2. Connection ciphers are limited to those that provide forward secrecy (see below for the list of ciphers.)
3. The service requires a certificate using at least a SHA256 fingerprint with either a 2048 bit or greater RSA key, or a 256bit or greater Elliptic-Curve (ECC) key.
4. Invalid certificates result in a hard failure and no connection.

The accepted ciphers are:

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA