iOS9 GoogleAnalytics and NSAppTransportSecurity
Actually the above configuration was slightly wrong, I found a working approach.
-- Short story start --
Basically, the above approach was mostly correct, but I came up to check the configuration again, when I had a look at the established network connection from Mac OS 10.10 and OS 10.11
openssl s_client -connect ssl.google-analytics.com:443 -status
Mac OS 10.10 made use of TLSv1.2, while Mac OS 10.11 for whatever reason used TLSv1.0
-- Short story end --
So, after rethinking the attributes, I removed the Certificate transparency NSRequiresCertificateTransparency
, as the default is also set to be false and not true. The following configuration now works for me:
<key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <false/> <key>NSExceptionDomains</key> <dict> <key>ssl.google-analytics.com</key> <dict> <key>NSThirdPartyExceptionMinimumTLSVersion</key> <string>TLSv1.2</string> <key>NSThirdPartyExceptionRequiresForwardSecrecy</key> <false/> <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key> <true/> </dict> </dict> </dict>
Additional note: although google makes use of this "experimental standard" (certificate transparency):https://en.wikipedia.org/wiki/Certificate_TransparencyIt seems to not make use of it in google analytics :-)