top | item 41603569

(no title)

ehhthing | 1 year ago

It supported using self signed certs, but if the server suddenly switched from a self signed to a trusted CA-signed certificate, no prompt would be given. So the idea that self signed certificates are somehow more secure for this specific purpose is incorrect.

discuss

detourdog|1 year ago

It was a complex Trust relationship and Apple’s it just work was onerous to work around. When security is the top priority I would alway go with self-signed certificates.