iOS9 requires the server to only support TLSv1.2 and support perfect forward security.
Also required is for the app to support IPV6 including not using hard-coded IP addresses. Suggested is to use NSURLSession
. Otherwise exception additions must be made in the app plist.
See the WWDC-15 session “Security and your Apps”.
Also see Steven Peterson’s Blog for details.