Apple is enforcing a stronger encryption that applications need to use when connecting to their backends. Is your server secure enough to meet Apple’s standards? Being HTTPS doesn’t necessarily imply that it’s good enough.
Apple’s latest operating system updates – iOS 9 and OS X El Capitan – are enforcing stronger network encryption. This is wonderful for users – however it could mean extra work for developers and system administrators.
In short, applications are strongly encouraged to use HTTPS, TLS 1.2 and perfect forward secrecy. You might be saying to yourself, “We’re already serving through HTTPS, so we’re good.” As it turns out, it may not be that simple. It isn’t for Microsoft and you could be affected as well. Yes, at least one of Microsoft’s web services isn’t yet up to Apple’s security standards as of this writing.
Cocoa stores cookies on its own and this makes it hard to implement a web client that appears as more than one user at the same time to the web server. To do this you’ll need to make your own cookie storage and this article teaches you how.