iOS 11, 12, and 13 installed certificates not trusted automatically (self signed)
While writing this question, I discovered the answer. Installing a CA from Safari no longer automatically trusts it. I had to manually trust it from the Certificate Trust Settings panel (also mentioned in this question).
I debated canceling the question, but I thought it might be helpful to have some of the relevant code and log details someone might be looking for. Also, I never encountered the issue until iOS 11. I even went back and reconfirmed that it automatically works up through iOS 10.
I've never needed to touch that settings panel before, because any installed certificates were automatically trusted. Maybe it will change by the time iOS 11 ships, but I doubt it. Hopefully this helps save someone the time I wasted.
If anyone knows why this behaves differently for some people on different versions of iOS, I'd love to know in comments.
Update 1: Checking out the first iOS 12 beta, it looks like things remain the same. This question/answer/comments are still relevant on iOS 12.
Update 2: Same solution seems to be needed on iOS 13 beta builds as well.
How to install my server's self-signed certificate on an iPad
This might help found this Apple Support post:
I would import the cert on a desktop system through Firefox, then export with private key in
.p12
form. Email the resulting cert and you should be all set.
http://discussions.apple.com/thread.jspa?threadID=2652502&tstart=0
iOS 11 simulator problems with private CA
This ended up being a bug in the iOS certificate manager. The root certificate did not have a CN, which is optional. The CN in the root is not used for any part of the verification function. The lack of the CN was confusing the cert manager and it didn't display it in the certificate management panel. One of the Apple Developer SMEs has filed a bug report.
Self-Signed CA not trusted in iOS 13 anymore
Nothing is known about your certificate but it might be that it is not meeting the new requirements introduced in iOS 13. Requirements for trusted certificates in iOS 13 and macOS 10.15 describes these and these include that RSA keys must be at least 2048 bits and it is no longer possible to use SHA-1 as signature algorithm.
Related Topics
How to Chain Filters in Metal for iOS
How to Request Photo Gallery Permissions in iOS a Second Time
Xcode 8.3 Swift Version Error (Swift_Version) in Objective C Project
Spritekit Not Respecting Zposition
How to Set Size Leftbarbuttonitem
Applying Different Attributes for Different Portions of an Nsattributedstring
Swift Uiview Opacity Programmatically
Xcode Debug View Hierarchy: Unable to Capture View Hierarchy
Uicollectionview Inside Tableviewcell Not Called
React Native 0.40.0: Rctbundleurlprovider.H" File Not Found - Appdelegate.M
I Get Nil When Using Nsdateformatter in Swift