This article has been archived and is no longer updated by Apple.

Enterprise security requirements in iOS 9 and OS X El Capitan

If you're an enterprise server administrator or app developer, make sure that iOS 9 and OS X El Capitan customers can use your Internet services and apps.

Set a strong group size for Diffie-Hellman key exchange

If your service uses Diffie-Hellman key exchange, set the group size to a minimum of 1024 bits. A group size of 2048 bits or greater is recommended.

If your app or service doesn't meet this requirement, devices that use iOS 9 or OS X El Capitan might not be able to connect to it. For example, Safari might say that it can't establish a secure connection.

Learn more

Learn more about using modern cryptographic practices when setting up SSL and TLS services.

Mac computers using OS X El Capitan display the message SSLHandshake failed (-9850) in the Console app when trying to connect to a service that doesn't meet these requirements.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: October 19, 2023