With my testing for iOS 11 I’ve noticed that the untrusted ssl certificates now require more inputs from the user and safari behaves a lot like Google chrome.
Here are some examples:
iOS 10
User attempts to access a page with an untrusted ssl certificate
User just has to hit continue
iOS 11
User attempts to access a page with an untrusted ssl certificate
User has to now go to show details, and click on “Visit this website”
You can test the scenarios yourself by using https://badssl.com this site contains a number of examples of bad certificates that you can run through on the device.
Just to add that on supervised devices, if one installs a Certificate payload via the Apple Configurator, the certificate is automatically marked as trusted in Settings / About / Certificate Trust Settings.
Even on un-supervised devices if a certificate is installed automatically i.e. apple configurator or MDM it should automatically set to trusted (as per Apple iOS 11 keynote)
I thought so too, but from my tests that doesn’t seem to be the case, at least not in the GM. Installing a root certificate payload on an unsupervised device does not activate full trust for that certificate. Maybe I’m missing something, not sure.
