Updated questions below - stuff before the update probably not necessary anymore. I'm using MKNetworkKit to handle the nitty gritty HTTPS communications with my server in my iOS app. I'm using a self-signed certificate, because I can securely communicate with both my server and client (because the code is installed via Apple's iOS App Store and not downloaded over the open internet as a typical web app is). It's using https and have the ssl argument set to YES. Here's the problem: my certificate is getting rejected somewhere along the way and I'm not sure how/where. I want to replace whatever checks are taking place right now with a simple check of the fingerprint on the certificate - if the fingerprint is correct, then the client is communicating securely with my server. If the fingerprint is wrong, then a man-in-the-middle attack is taking place and someone else is pretending to be my server. Here's the logged output: Code: Test Suite 'All tests' started at 2014-05-21 22:32:53 +0000 Test Suite 'iOSAPITests.xctest' started at 2014-05-21 22:32:53 +0000 Test Suite 'iOSAPITests' started at 2014-05-21 22:32:53 +0000 Test Case '-[iOSAPITests testGetNull]' started. 2014-05-21 18:32:53.675 xctest[2235:303] -[MKNetworkEngine reachabilityChanged:] [Line 210] Server [mydomain.com] is reachable via Wifi 2014-05-21 18:32:54.222 xctest[2235:303] -[MKNetworkOperation connection:willSendRequestForAuthenticationChallenge:] [Line 1148] Certificate is invalid, continuing without credentials. Might result in 401 Unauthorized 2014-05-21 18:32:54.276 xctest[2235:2203] NSURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813) 2014-05-21 18:32:54.303 xctest[2235:303] -[MKNetworkOperation operationFailedWithError:] [Line 1505] Wednesday, May 21, 2014 at 6:32:54 PM Eastern Daylight Time Request ------- curl -X GET 'https://mydomain.com:80/myapp/.json', [The certificate for this server is invalid. You might be connecting to a server that is pretending to be “mydomain.com” which could put your confidential information at risk.] Port 80 isn't a typo in the logs, in case you caught that. I really have https running off of port 80 on my server, just because it's not working for some reason when I switch it to port 334... I'll investigate that later... I don't think it's related to this certificate authentication issue... Updated questions I solved the prior issue by setting shouldContinueWithInvalidCertificate to YES on each operation as I created it. So now my operations work and communications are encoded, but I can't be certain on the client end that a man-in-the-middle attack isn't taking place. I need a way to test the certificate myself. MKNetworkKit uses NSURLConnection... is it possible for me to get at the certificate and test it? This page here: https://developer.apple.com/library...rotectionSpace_Class/Reference/Reference.html Suggests that I should read But that's not a link. I've googled for it and haven't found anything yet.