ios13 tls certificates issue - connection error

Question

Since the release of ios13 I have a strange problem in my iOS app due to tls connection error to my backend. If I try to connect to the backend via the simulator (iOS 13) it works fine, if I install the app on the physical device (iOS 13.1) I can't connect anymore due to:

2019-10-01 13:24:12.862510+0200 CopApp[1830:506662] [] tcp_input [C1.1:3] flags=[R.] seq=2608024828, ack=2612553500, win=28408 state=ESTABLISHED rcv_nxt=2608024828, snd_una=2612553500
2019-10-01 13:24:12.869115+0200 CopApp[1830:506662] Connection 1: received failure notification
2019-10-01 13:24:12.869360+0200 CopApp[1830:506662] Connection 1: received ECONNRESET with incomplete TLS handshake - generating errSSLClosedNoNotify
2019-10-01 13:24:12.869526+0200 CopApp[1830:506662] Connection 1: failed to connect 3:-9816, reason -1
2019-10-01 13:24:12.869684+0200 CopApp[1830:506662] Connection 1: encountered error(3:-9816)
2019-10-01 13:24:28.124012+0200 CopApp[1830:506782] [] tcp_input [C2.1:3] flags=[R.] seq=3652579464, ack=755757394, win=28408 state=ESTABLISHED rcv_nxt=3652579464, snd_una=755757394
2019-10-01 13:24:28.128402+0200 CopApp[1830:506782] Connection 2: received failure notification
2019-10-01 13:24:28.128627+0200 CopApp[1830:506782] Connection 2: received ECONNRESET with incomplete TLS handshake - generating errSSLClosedNoNotify
2019-10-01 13:24:28.128793+0200 CopApp[1830:506782] Connection 2: failed to connect 3:-9816, reason -1
2019-10-01 13:24:28.128949+0200 CopApp[1830:506782] Connection 2: encountered error(3:-9816)
2019-10-01 13:24:43.584026+0200 CopApp[1830:506831] [] tcp_input [C3.1:3] flags=[R.] seq=984907791, ack=487743401, win=28408 state=ESTABLISHED rcv_nxt=984907791, snd_una=487743401
2019-10-01 13:24:43.587452+0200 CopApp[1830:506831] Connection 3: received failure notification
2019-10-01 13:24:43.587674+0200 CopApp[1830:506831] Connection 3: received ECONNRESET with incomplete TLS handshake - generating errSSLClosedNoNotify
2019-10-01 13:24:43.587839+0200 CopApp[1830:506831] Connection 3: failed to connect 3:-9816, reason -1
2019-10-01 13:24:43.588047+0200 CopApp[1830:506831] Connection 3: encountered error(3:-9816)
2019-10-01 13:24:43.594292+0200 CopApp[1830:506831] Task <DAEFF7C7-DF2E-4DCB-9BF9-2A7825D56AF2>.<1> HTTP load failed, 0/0 bytes (error code: -1200 [3:-9816])
Si è verificato un errore SSL ed è impossibile effettuare una connessione sicura con il server.

Obviously the backend is the same and it's covered by an aws certificate created by aws certificate manager. I think the problem is not the certificate because I think it is compliant to the new apple's certificates policy but I can't understand where the problem is.

Could you please help me?

Thanks

Answer 1

Please keep in mind that since the iOS 13 there are new requirements for trusted certificates. Make sure that the SSL certificate complies to these requirements otherwise the connection won't be possible.

You can find these requirements on the official Apple note - Requirements for trusted certificates in iOS 13 and macOS 10.15

You can inspect the certificate using for example OpenSSL:

openssl s_client -showcerts -connect yourServer:serverPort