This article has been archived and is no longer updated by Apple.

Enterprise security requirements in iOS 9 and OS X El Capitan

If you're an enterprise server administrator or app developer, make sure that iOS 9 and OS X El Capitan customers can use your Internet services and apps.

Set a strong group size for Diffie-Hellman key exchange

If your service uses Diffie-Hellman key exchange, set the group size to a minimum of 1024 bits. A group size of 2048 bits or greater is recommended.

If your app or service doesn't meet this requirement, devices that use iOS 9 or OS X El Capitan might not be able to connect to it. For example, Safari might say that it can't establish a secure connection.

Learn more

Learn more about using modern cryptographic practices when setting up SSL and TLS services.

Mac computers using OS X El Capitan display the message SSLHandshake failed (-9850) in the Console app when trying to connect to a service that doesn't meet these requirements.

Contact the vendor for additional information.

Published Date: