Last updated:2021-03-15 15:37:50

Applications on the iOS platform

From January 1, 2017, Apple requires that all applications in the iOS Apple Store use HTTPS for encrypted data transmission. App Transport Security (ATS) forces the following rigid requirements:

  • Use TLS 1.2 or higher. TLS is the successor protocol to SSL.

  • The communication encryption suite must support forward secrecy.

  • Digital certificates must use SHA256 or a higher-level signature hash algorithm. The keys must be RSA keys with 2048 bits or more, or ECC keys with 256 bits or more.

Updates for applications in the Apple Store that had passed verification before January 1, 2017 must pass a second verification based on ATS. HTTPS is not required only on the following items: browsers, video and audio resources, applications that use Apple lower-layer network APIs, use third-party network library APIs, or call the Safari process to load pages.

Website services

To use HTTPS for encrypted data transmission, use a DV or OV certificate.

Finance and government website services

To satisfy higher encryption requirements and display organization information in the web browser address bar, use an EV certificate.

Mobile games

For applications to use HTTPS for encrypted data transmission, use an OV certificate.

Did you find the above information helpful?

Mostly Unhelpful
A little helpful
Very helpful

What might be the problems?

Unclear or awkward
Redundant or clumsy
Lack of context for the complex system or functionality

More suggestions


Please give us your feedback.


Thank you for your feedback.