I am trying to convert a simple URLSession request in Swift to using NWConnection. This is because I want to make the request using a Proxy that requires Authentication. I posted this SO Question about using a proxy with URLSession. Unfortunately no one answered it but I found a fix by using NWConnection instead. Working Request func updateOrderStatus(completion: @escaping (Bool) -> Void) { let orderLink = "https://shop.ccs.com/51913883831/orders/f3ef2745f2b06c6b410e2aa8a6135847" guard let url = URL(string: orderLink) else { completion(true) return } let cookieStorage = HTTPCookieStorage.shared let config = URLSessionConfiguration.default config.httpCookieStorage = cookieStorage config.httpCookieAcceptPolicy = .always let session = URLSession(configuration: config) var request = URLRequest(url: url) request.httpMethod = "GET" request.setValue("text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", forHTTPHeaderField: "Accept") request.setValue("none", forHTTPHeaderField: "Sec-Fetch-Site") request.setValue("navigate", forHTTPHeaderField: "Sec-Fetch-Mode") request.setValue("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0.1 Safari/605.1.15", forHTTPHeaderField: "User-Agent") request.setValue("en-US,en;q=0.9", forHTTPHeaderField: "Accept-Language") request.setValue("gzip, deflate, br", forHTTPHeaderField: "Accept-Encoding") request.setValue("document", forHTTPHeaderField: "Sec-Fetch-Dest") request.setValue("u=0, i", forHTTPHeaderField: "Priority") // make the request } Attempted Conversion func updateOrderStatusProxy(completion: @escaping (Bool) -> Void) { let orderLink = "https://shop.ccs.com/51913883831/orders/f3ef2745f2b06c6b410e2aa8a6135847" guard let url = URL(string: orderLink) else { completion(true) return } let proxy = "resi.wealthproxies.com:8000:akzaidan:x0if46jo-country-US-session-7cz6bpzy-duration-60" let proxyDetails = proxy.split(separator: ":").map(String.init) guard proxyDetails.count == 4, let port = UInt16(proxyDetails[1]) else { print("Invalid proxy format") completion(false) return } let proxyEndpoint = NWEndpoint.hostPort(host: .init(proxyDetails[0]), port: NWEndpoint.Port(integerLiteral: port)) let proxyConfig = ProxyConfiguration(httpCONNECTProxy: proxyEndpoint, tlsOptions: nil) proxyConfig.applyCredential(username: proxyDetails[2], password: proxyDetails[3]) let parameters = NWParameters.tcp let privacyContext = NWParameters.PrivacyContext(description: "ProxyConfig") privacyContext.proxyConfigurations = [proxyConfig] parameters.setPrivacyContext(privacyContext) let host = url.host ?? "" let path = url.path.isEmpty ? "/" : url.path let query = url.query ?? "" let fullPath = query.isEmpty ? path : "\(path)?\(query)" let connection = NWConnection( to: .hostPort( host: .init(host), port: .init(integerLiteral: UInt16(url.port ?? 80)) ), using: parameters ) connection.stateUpdateHandler = { state in switch state { case .ready: print("Connected to proxy: \(proxyDetails[0])") let httpRequest = """ GET \(fullPath) HTTP/1.1\r Host: \(host)\r Connection: close\r Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0.1 Safari/605.1.15\r Accept-Language: en-US,en;q=0.9\r Accept-Encoding: gzip, deflate, br\r Sec-Fetch-Dest: document\r Sec-Fetch-Mode: navigate\r Sec-Fetch-Site: none\r Priority: u=0, i\r \r """ connection.send(content: httpRequest.data(using: .utf8), completion: .contentProcessed({ error in if let error = error { print("Failed to send request: \(error)") completion(false) return } // Read data until the connection is complete self.readAllData(connection: connection) { finalData, readError in if let readError = readError { print("Failed to receive response: \(readError)") completion(false) return } guard let data = finalData else { print("No data received or unable to read data.") completion(false) return } if let body = String(data: data, encoding: .utf8) { print("Received \(data.count) bytes") print("\n\nBody is \(body)") completion(true) } else { print("Unable to decode response body.") completion(false) } } })) case .failed(let error): print("Connection failed for proxy \(proxyDetails[0]): \(error)") completion(false) case .cancelled: print("Connection cancelled for proxy \(proxyDetails[0])") completion(false) case .waiting(let error): print("Connection waiting for proxy \(proxyDetails[0]): \(error)") completion(false) default: break } } connection.start(queue: .global()) } private func readAllData(connection: NWConnection, accumulatedData: Data = Data(), completion: @escaping (Data?, Error?) -> Void) { connection.receive(minimumIncompleteLength: 1, maximumLength: 65536) { data, context, isComplete, error in if let error = error { completion(nil, error) return } // Append newly received data to what's been accumulated so far let newAccumulatedData = accumulatedData + (data ?? Data()) if isComplete { // If isComplete is true, the server closed the connection or ended the stream completion(newAccumulatedData, nil) } else { // Still more data to read, so keep calling receive self.readAllData(connection: connection, accumulatedData: newAccumulatedData, completion: completion) } } }

We have application using PTT Framework to record audio messages when app is backgrounded. Right now we are using AVAudioRecorder for that purpose. And problem is one specific user has frequent issue - recorded audio contains only silence. I've checked almost everything I can imagine but didn't find any possible reason of issue. Conditions: AVAudioRecorder uses following configuration: [ AVEncoderAudioQualityKey: AVAudioQuality.low.rawValue, AVFormatIDKey : kAudioFormatMPEG4AAC, AVNumberOfChannelsKey: 1, AVSampleRateKey: 16000.0 ] App waits both didBeginTransmitting and didActivate audioSession from PTChannelManager (audio session has playback category at that moment) App does AVAudioSession category change to playAndRecord App gets routeChangeNotification with categoryChange and category = playAndRecord There is no any interruption notifications from AVAudioSession during recording There is no any error notification from AVAudioRecorder Any idea what exactly I do wrong? Is there anything else I should check? Thanks in advance. P.S. it looks like recording audio with AudioUnit has the same issue, but let's exclude it from question atm for simplicity.

Does iOS provide a callback when a notification is manually removed from the notification tray ?

I received an email from Apple saying that I needed to replace the APNS certificate. I am inquiring because I am curious about who has the relevant authority and who actually makes the changes. Could you please provide specific guidance on this? Hello, We’re reaching out with a final reminder that the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs updated the server certificates in sandbox on January 21, 2025. APNs production server certificates will be updated on February 24, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root: USERTrust RSA Certification Authority certificate. To ensure a smooth transition and avoid push notification delivery failures, please make sure that both old and new server certificates are included in the Trust Store before the cut-off date for each of your application servers that connect to sandbox and production. At this time, you don’t need to update the APNs SSL provider certificates issued to you by Apple. If you have any questions, please contact us. The Apple Developer Relations Team

We built a time verification feature as part of our iPadOS/iOS app where recording an accurate timestamp is part of a core feature of ours. We want to maintain integrity of recorded data, but our app must still be able to operate offline. To accomplish this, we established a baseline between the device's internal clock (CLOCK_MONOTONIC_RAW) and our servers via an initial network request. Once that baseline is established, we can reliably calculate the true time, or detect when a user may have tampered their device's time, especially while offline. Of course, this baseline falls apart after the device reboots. We have been using kern.bootsessionuuid locally to detect when a device has rebooted so we know to wipe the baseline and try to establish a new one. Unfortunately (I'm sure due to issues with device fingerprinting), Apple has removed access to kern.bootsessionuuid in iOS 18, silently and without warning. This has compromised the integrity of our feature. https://developer.apple.com/documentation/ios-ipados-release-notes/ios-ipados-18-release-notes#Deprecations Is there any other way that our app can detect or be notified that a device reboot has occurred? Alternatively, Google has just provided a "TrustedTime" API that looks to do the heavy lifting for what we have been solving ourselves. Would it be possible for Apple to provide a similar API? https://android-developers.googleblog.com/2025/02/trustedtime-api-introducing-reliable-approach-to-time-keeping-for-apps.html We would appreciate any guidance here. Thanks!

Hello, We are developing a multimedia routing platform written in Rust and uses gstreamer 1.20. We are targeting running on Mac Minis (older intel and newer M1/2/3/... w/ 8GB ram) using macOS 14.6.1 I have profiled memory usage using XCode instruments with the allocation tool, stack and heap memory is very stable once the pipelines are up and running. There are between 50 to 100 incoming RTSP streams with multiple webrtc connections, so lots of network and memory bandwidth is being used. However, we eventually see real memory usage increasing in Activity Monitor along with memory pressure increasing, but the heap/stack usage is constant in instruments, so we do not understand this behavior. Page fragmentation is a possibility, but have not been able to prove this with instruments. Please see attached image.You can see that 10-minute run had a total of approx 4.3 GB of allocations, but only 50.17MB persistent. Eventually we see kernel panics in either userspace watchdog timeout: no successful checkins from WindowServer (2 induced crashes) in 120 second or apcie[2:lan-1gb]::handleCompletionTimeoutInterrupt: completion timeout which I believe are caused by high system load and the kernel becoming unresponsive while the kernel is doing page compressions. We tested running with je-malloc for a while, but the kernel panics still occur. We have multiple kernel panic recordings available, but they are too large to upload here. We are also having multiple kernel panics per day while running this application. Any suggestions on how to prevent these kernel panics? If the system is out of memory, shouldn't our application crash with an out-of-memory and the kernel should NOT panic? Thanks, Jeremy Prater

Team-scoped keys introduce the ability to restrict your token authentication keys to either development or production environments. Topic-specific keys in addition to environment isolation allow you to associate each key with a specific Bundle ID streamlining key management. For detailed instructions on accessing these features, read our updated documentation on establishing a token-based connection to APNs.

I remember when I called Apple Support, they told me that they can only assist with refunds for orders within the last two months.

Hi there, I am planning an app that requires use of the Family Controls Entitlement to access data on the user's screen time. I understand that this has to be requested from Apple before it can be used in production. I have found the following form to request approval, but it requires an App and bundle ID, which suggests that approval can only be requested after the app has been developed. https://developer.apple.com/contact/request/family-controls-distribution I'd like to avoid the situation where I spend a lot of time on developing the app, only to find out that the Family Controls Entitlement will not be granted for my use case. Is there any way that I can request provisional pre-approval for my app? Perhaps based on an app description and some mockups? Or, at least some idea of whether my particular use case is likely to be approved? Thanks.

Recently we started facing BLE disconnect issues between our BLE peripheral (microphone) and iOS app that we're having trouble solving. iOS App: Ionic Capacitor using @capacitor-community/bluetooth-le Microphone Peripheral: esp32 board using ESP-IDF Apache NimBLE stack App use case: Our app records a sound clip using the BLE microphone and sends data via a characteristic. The sound clip is broken up into several packets and all sent over ( over 1600 packets ). The microphone has an antenna and boosted signal as well. The Issue: Recently, we've been facing consistent disconnects between the microphone and the iOS app that we think we've narrowed down to the iOS device is disconnecting due to too many dropped packets. It seems the phone can't get further than roughly 10 feet before we see packet loss. Up until recently we had little to no range issues with transferring data and settings disconnected from the microphone while being much further away. Nothing has changed on our end on either the app or microphone firmware side. We use the same microphone firmware and app on Android and have no issues with range or dropped packets. It also seems like we can transfer a couple recording , like 2 or 3 ( each with its own connection i.e scan and connect , subscribe to characteristic and gather all the packets , do some processing then disconnect and start over ), without issue than every attempt at gathering the packets starts failing because of disconnects. Does anyone have any idea what might be going on? Do we need to fix our connection parameters? This seems to be mostly an issue since the newest iOS updates ( 18.3,18.3.1 ) however we've tested on previous versions and are now seeing same ble range issues. Any help or guidance on tracking down what's going on is appreciated. Relevant logs: `32mI (273409) Task_send_audio:: esp_ble_tx_power_get(ESP_BLE_PWR_TYPE_DEFAULT) = 255 [39m [31mE (286869) main:: No MBUFs available from pool, retry.. [39m [23;1H [31mE (287519) main:: No MBUFs available from pool, retry.. [39m [23;1H [31mE (287769) main:: No MBUFs available from pool, retry.. [39m [23;1H [31mE (287919) main:: No MBUFs available from pool, retry.. [39m [23;1H` ... ... ... 31mE (1622829) Task_send_audio:: send_audio_ble, couldn't send the audio totally, ***** unsubscribe from charactaristic [39m [23;1H Peripheral connections parameters:

Hello, I'm trying to use the CardSession sample code in an iPhone app I have received the HCE entitlement, the select identifier array contains only one AID of 8 bytes: FAEBDA5003020000, that is a custom AID that we use on ou custom access control system. We have the complete control of the NFC reader, when we detect a MiFare card, the reader application send the SELECT AID command and the card number is return and checked We want to do the same with an iPhone instead of the MiFare card, so we use the CardSesion sample in our app, here is the log of the reader application when we present the iPhone on it: TX: 0x04 0xfc 0xd4 0x4a 0x01 0x00 0xe1 0x00 RX: 0x00 0x00 0xff 0x00 0xff 0x00 ACK RX: 0x00 0x00 0xff 0x11 0xef 0xd5 0x4b 0x01 0x01 0x00 0x04 0x20 0x04 0x08 0x10 0x53 0x17 0x05 0x78 0x80 0x71 0x00 0xc6 0x00 // SMARTPHONE NFC type 1 pn532InSelect TX: 0x03 0xfd 0xd4 0x54 0x01 0xd7 0x00 RX: 0x00 0x00 0xff 0x00 0xff 0x00 ACK RX: 0x00 0x00 0xff 0x03 0xfd 0xd5 0x55 0x00 0xd6 0x00 pn532InDataExchange TX: 0x12 0xee 0xd4 0x40 0x01 0x00 0xa4 0x04 0x00 0x08 0xfa 0xeb 0xda 0x50 0x03 0x02 0x00 0x00 0x00 0x00 0x27 0x00 RX: 0x00 0x00 0xff 0x00 0xff 0x00 ACK RX: 0x00 0x00 0xff 0x05 0xfb 0xd5 0x41 0x00 0x6a 0x81 0xff 0x00 we use the select application command and give our 8 bytes AID number: 0xfa 0xeb 0xda 0x50 0x03 0x02 0x00 0x00 the reader receives 6A 81 which means according to our apdu documentation: "Function not supported" How can we make it work ?

Hi, We received the following message. Hello, We’re reaching out with a final reminder that the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs updated the server certificates in sandbox on January 21, 2025. APNs production server certificates will be updated on February 24, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root: USERTrust RSA Certification Authority certificate. Note, that we are using Firebase to deliver push notifications and the connection is done via APN keys, not certificates. Is there anything that we need to update in the application to mitigate the risk of not delivered push notes ?

I'm experiencing a crash during a lightweight Core Data migration when a widget that accesses the same database is installed. The migration fails with the following error: CoreData: error: addPersistentStoreWithType:configuration:URL:options:error: returned error NSCocoaErrorDomain (134100) error: userInfo: CoreData: error: userInfo: error: metadata : { NSPersistenceFrameworkVersion = 1414; NSStoreModelVersionChecksumKey = "dY78fBnnOm7gYtb+QT14GVGuEmVlvFSYrb9lWAOMCTs="; NSStoreModelVersionHashes = { Entity1 = { ... }; Entity2 = { ... }; Entity3 = { ... }; Entity4 = { ... }; Entity5 = { ... }; }; NSStoreModelVersionHashesDigest = "aOalpc6zSzr/VpduXuWLT8MLQFxSY4kHlBo/nuX0TVQ/EZ+MJ8ye76KYeSfmZStM38VkyeyiIPf4XHQTMZiH5g=="; NSStoreModelVersionHashesVersion = 3; NSStoreModelVersionIdentifiers = ( "" ); NSStoreType = SQLite; NSStoreUUID = "9AAA7AB7-18D4-4DE4-9B54-893D08FA7FC4"; "_NSAutoVacuumLevel" = 2; } The issue occurs only when the widget is installed. If I remove the widget’s access to the Core Data store, the migration completes successfully. The crash happens only once—after the app is restarted, everything works fine. This occurs even though I'm using lightweight migration, which should not require manual intervention. My suspicion is that simultaneous access to the Core Data store by both the main app and the widget during migration might be causing the issue. Has anyone encountered a similar issue? Is there a recommended way to ensure safe migration while still allowing the widget to access Core Data? Any insights or recommendations would be greatly appreciated.

We are developing an iOS app to connect to vehicles and trigger predefined vehicle controls (door lock/unlock) via the Digital Key framework. We are currently blocked on several aspects and would appreciate your expertise to clarify the following queries. How can we list down connected vehicle information? What is the method to retrieve connection status? How can we perform vehicle control actions (e.g., door lock/unlock)? STEPS TO REPRODUCE Starting the CarKeyRemoteControlSession to Fetch Vehicle Reports Currently, we are using the following API to start a CarKeyRemoteControlSession: open class func start( delegate: any CarKeyRemoteControlSessionDelegate, subscriptionRange subscriptionFunctionIDRange: ClosedRange? = nil, with delegateCallbackQueue: DispatchQueue? = nil ) async throws -> CarKeyRemoteControlSession After successfully creating the session, we check for vehicle reports using the vehicleReports property of CarKeyRemoteControlSession: public var vehicleReports: [VehicleReport] { get throws }

We have a case when we send 8 push notifications more or less simultaneously over 1 HTTP 2.0 connection. Using .NET Core 8 Sometimes some of them fail with a strange message: System.Net.Http.HttpRequestException: The response ended prematurely while waiting for the next frame from the server. (ResponseEnded) ---> System.Net.Http.HttpIOException: The response ended prematurely while waiting for the next frame from the server. (ResponseEnded) at System.Net.Http.Http2Connection.ThrowRequestAborted(Exception innerException) at System.Net.Http.Http2Connection.Http2Stream.TryEnsureHeaders() at System.Net.Http.Http2Connection.Http2Stream.ReadResponseHeadersAsync(CancellationToken cancellationToken) at System.Net.Http.Http2Connection.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) --- End of inner exception stack trace --- at System.Net.Http.Http2Connection.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken) at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.DecompressionHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at Microsoft.Extensions.Http.Logging.HttpClientLoggerHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) We noticed that failure is always accompanied with a huge delay (~500ms) comparing to success (~20ms). Also some of the burst messages are sent successfully (sometimes 2-4 of them) What can we do about it?

When I install my application, it installs fine and everything works alongwith all the system level daemons but when I reboot the system, none of my daemons are getting launched and this happens only on MacOS 15x, on older version it is working fine. In the system logs, I see that my daemons have been detected as legacy daemons by backgroundtaskmanagementd with Disposition [enabled, allowed, visible, notified] 2025-01-13 21:17:04.919128+0530 0x60e Default 0x0 205 0 backgroundtaskmanagementd: [com.apple.backgroundtaskmanagement:main] Type: legacy daemon (0x10010) 2025-01-13 21:17:04.919128+0530 0x60e Default 0x0 205 0 backgroundtaskmanagementd: [com.apple.backgroundtaskmanagement:main] Flags: [ legacy ] (0x1) 2025-01-13 21:17:04.919129+0530 0x60e Default 0x0 205 0 backgroundtaskmanagementd: [com.apple.backgroundtaskmanagement:main] Disposition: [enabled, allowed, visible, notified] (0xb) But later, it backgroundtaskmanagementd decides to disallow it. 2025-01-13 21:17:05.013202+0530 0x32d Default 0x4d6 89 0 smd: (BackgroundTaskManagement) [com.apple.backgroundtaskmanagement:main] getEffectiveDisposition: disposition=[enabled, disallowed, visible, notified], have LWCR=true 2025-01-13 21:17:05.013214+0530 0x32d Error 0x0 89 0 smd: [com.apple.xpc.smd:all] Legacy job is not allowed to launch: <private> status: 2 Is there anything changed in latest Mac OS which is causing this issue? Also what does this status 2 means. Can someone please help with this error? The plist has is true

Dear Apple： We encountered a problem when using the Wi-Fi connection feature. When calling the Wi-Fi connection interface NEHotspotConfigurationManager applyConfiguration, it fails probabilistically. After analyzing the air interface packets, it appears that the Apple device did not send the auth message. How should we locate this issue? Are there any points to pay attention to when calling the Wi-Fi connection interface? Thanks

Hi Everyone, I’m working on a communication system for my app using NWConnection with the UDP protocol. The connection is registered to a custom serial dispatch queue. However, I’m trying to understand what the behavior will be in a scenario where the connection is canceled while there are still pending receive operations in progress. Scenario Overview: The sender is transmitting n = 100 packets to the receiver, out of which 40 packets have already been sent (i.e., delivered to the Receiver). The receiver has posted m = 20 pending receive operations, where each receive operation is responsible for handling one packet. The receiver has already successfully processed x = 10 packets. At the time of cancellation, the receiver’s buffer still holds m = 20 packets that are pending for processing, and k = 10 pending receive callbacks are in the dispatch queue, waiting to be executed. At same time when the 10th packet was processed another thread triggers .cancel() on this accepted NWConnection (on the receiver side), I need to understand the impact on the pending receive operations and their associated callbacks. My Questions: What happens to the k = 10 pending receive callbacks that are in the dispatch queue waiting to be triggered when the connection is canceled? Will these callbacks complete successfully and process the data? Or, because the connection is canceled, will they complete with failure? What happens to the remaining pending receive operations that were initiated but have not yet been scheduled in the dispatch queue? For the pending receive operations that were already initiated (i.e., the network stack is waiting to receive the data, but the callback hasn’t been scheduled yet), will they fail immediately when the connection is canceled? Or is there any chance that the framework might still process these receives before the cancellation fully takes effect?

We have a requirement to create a production quality application that also acts as HTTPS server for certain communication. The preference is for the server to support HTTP/1.1, HTTP/2 and HTTP/3 communication asynchronously, though not mandatory to support all the HTTP versions. Wanted to get the guidance, on which stack should be used, that is most reliable and that gives the maximum long term compatibility, sustainability and reliability. What is the recommended 'in-built' or 'available by default' stack on Apple Platform ? For HTTPS on HTTP/1.1 with synchronous mode operations ? For HTTPS on HTTP/1.1 with asynchronous mode operations ? For HTTPS on HTTP/2 with synchronous mode operations ? For HTTPS on HTTP/2 with asynchronous mode operations ? For HTTPS on HTTP/3 with asynchronous mode operations ? For HTTPS on HTTP/1.1 + HTTP/2 with synchronous mode operations ? For HTTPS on HTTP/1.1 + HTTP/2 with asynchronous mode operations ? For HTTPS on HTTP/1.1 + HTTP/2 + HTTP/3 with asynchronous mode operations ? What the generally recommended server stack that a typical application uses whether 'in-built' or 'available by default on Apple ' or 'not-available by default on Apple' stack. From the available stacks , we tried to evaluate the below stacks: https://opensource.apple.com/projects/swiftnio/ : We understand that while it’s not preinstalled as part of Apple's OSes, it is an official Swift package supported by Apple and can easily be added to your project. At the moment it supports HTTP/1.1 and HTTP/2. The link https://github.com/apple/swift-nio/issues/1730says that HTTP/3 will get added in the future. Is there any other HTTPS stack (built-in or third-party) that is recommended to the used on Apple's platform ? Our application is expected to be working on macOS, iOS, iPadOS, tvOS and watchOS. We understand that macOS also includes Apache HTTPD server. As our application is not primarily a Web Server (and also supports other protocols both in client and server mode), it looks integrating HTTPS directly into the application using a lightweight HTTP library with SSL/TLS support is a better option, in place of Apache HTTPD. From the document we know that swift-nio uses BoringSSL (swift-nio-ssl) which is prepackaged along with the swift-nio library, and it does not use the default Secure Transport. What is the reason being not using Secure Transport ? Now does it become the responsibility of the application using swift-nio to take care of updating BoringSSL with the patches.

We have a checkout page on which clients can configure the providers we've integrated with for each currency. One such provider is Stripe, with which we have already integrated ApplePay and host a merchant domain association file. Now, we're getting requests to support ApplePay with other providers. The issue is that we can't tell Apple to use a different path to domain association file for domain verification. And, replacing the existing domain association file seems like a hack, since I believe it's needed for domain re-verification. We're thinking of using subdomains for serving the domain association files for different providers. But, we have some questions on how ApplePay domain verification works to understand how we can solve our problem. Firstly, can we use subdomains for individual domain verification? If we already have example.com verified with Stripe, can we serve the domain association file for the other provider with provider.example.com and have the verification work? Secondly, let's say our domain is example.com, and we can use provider.example.com to serve the domain association file and verify the domain. Then on example.com/checkout, will using an iframe with provider.example.com/applepay to host the ApplePay button work? This thread suggests otherwise, but we want to confirm. Lastly, is the only way to make an ApplePay payment for provider.example.com to use that subdomain? So redirecting to provider.example.com/applepay would work? Thanks for your help!