I am using an HTTPS connection to my remote API example here to secure the data being transferred. Even though it worked like a charm on iOS 8 it does not on iOS 9 (SSL Handshake failed). After a few researches it looked like my certificate used a cipher Apple decided not to support by default on iOS 9. So I overrode this by allowing other ciphers with NSExceptionRequiresForwardSecrecy. I am not very familiar with certificates so I do not know what cipher I am currently using but it looks fine in all my web browser so I am guessing it is a good one after all.
My question is: Given the fact that I had to override AppTransportSecurity to allow an older cipher that I do not know but that you may find in the certificate using the link above, and the fact that I am transporting sensitive information like credit card details to my website, and that my website using the same certificate looks secure on all browsers, will you consider that this connection is safe, and will Apple allow it?
