Comment by m463
Can you add your own CA cert to your device?
Can you add your own CA cert to your device?
You can, but I find that much less secure than being able to TOFU a self-signed certificate:
I once did this, and besides being incredibly unergonomic, now I have to either securely destroy or safely store the signing key for the self-signed CA, or risk malware from performing an MITM against any app on my device, and not just e.g. the email client.
does iphone support name constraints on CA certificates? (https://systemoverlord.com/2020/06/14/private-ca-with-x-509-...)
Yes, I have a private CA I install on all my Apple devices for my self-signed certs. After I have the root CA on the device, it looks like any other valid SSL to iOS / macOS.