Client certificate authentication fails with iOS 13.4.1 (works with 13.2.2)

I've previously posted this question and since then further investigated the issue.

The problem seems to be the latest iOS (13.4.1), which fails to send the client certificate upon authentication requests.

To test this, I've set up a webserver, requiring a client certificate for authentication. The client certificate is installed on the iPhone. If I navigate to the website, iOS states that a client certificate is required and asks to use the installed one. Once I press continue the connection fails as no certificate is presented to the server.

Exactly the same setup on iOS 13.2.2 works as expected. Client certificate is installed, website is accessed, iOS asks about sending the certificate, iOS does so and access works fine.

I've written a bug report to Apple but have yet to hear from them.

Update: iPadOS 13.3.1 also works as expected.

Update: iOS Beta 13.4.5 has the same issue.


Does anyone else experience this issue or is this an isolated case for me? I've even hard-reset the iPhone to check if it was a problem with my setup.


Requirements for trusted certificates in iOS 13 and macOS 10.15

Does the client certificate meet Apple's latest certificate requirements?

All TLS server certificates must comply with these new security requirements in iOS 13 and macOS 10.15:

  • TLS server certificates and issuing CAs using RSA keys must use key sizes greater than or equal to 2048 bits. Certificates using RSA key sizes smaller than 2048 bits are no longer trusted for TLS.
  • TLS server certificates and issuing CAs must use a hash algorithm from the SHA-2 family in the signature algorithm. SHA-1 signed certificates are no longer trusted for TLS.
  • TLS server certificates must present the DNS name of the server in the Subject Alternative Name extension of the certificate. DNS names in the CommonName of a certificate are no longer trusted.

While the document mentions server certificates, I suspect client certificates will also be rejected if they using SHA-1 or weak keys.

Debugging with openssl s_server

Try debugging the TLS connection with OpenSSL's test server, see Verify Incoming SSL Using OpenSSL S_Server for a related question.