Enterprise security requirements in iOS 9 and OS X El Capitan

If you're an enterprise server administrator or app developer, make sure that iOS 9 and OS X El Capitan customers can use your Internet services and apps.

Set a strong group size for Diffie-Hellman key exchange

If your service uses Diffie-Hellman key exchange, set the group size to a minimum of 1024 bits. A group size of 2048 bits or greater is recommended.

If your app or service doesn't meet this requirement, devices that use iOS 9 or OS X El Capitan might not be able to connect to it. For example, Safari might say that it can't establish a secure connection.

Learn more

Learn more about using modern cryptographic practices when setting up SSL and TLS services.

Mac computers using OS X El Capitan display the message SSLHandshake failed (-9850) in the Console app when trying to connect to a service that doesn't meet these requirements.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Risks are inherent in the use of the Internet. Contact the vendor for additional information. Other company and product names may be trademarks of their respective owners.

Published Date: