• This update removes the ability to send an email with feedback about the app. To report an issue with the app or to request a feature, please use Github, or reach us on Mastodon or Bluesky.

Thanks for using TLS Inspector! • Fixes a bug where not all HTTP headers were collected during inspection in some circumstances

Happy new year! While we do have a major update planned for later in the year, right now we're just keeping things running smoothly with this small update. • Add dark & tinted icons for iOS 18 users • Fix the App Icon selector not showing previews after iOS 18 • Update curl to 8.11.1

Thanks for using TLS Inspector! • Fixed a localization issue with recently inspected hosts • Fixed an issue with the inspect certificate extension on macOS • Made just the slightest tweak to the icon • Updated OpenSSL to 3.3.2 • Updated Curl to 8.9.1 This will be the final update that supports iOS 12 to 14 (inclusive). The next release of TLS Inspector will require iOS 15.6 or newer, which means that the following devices will no longer be supported: iPhone 5s, 6, 6 Plus, and iPad Air 1, Mini 2, Mini 3. TLS Inspector will continue to function on unsupported devices, however as the device ages root certificates will eventually expire and this will generate trust errors.

Thanks for using TLS Inspector! • Added some fancy schmancy new icons! • Normalized font sizes across the entire app, also fixed dynamic font sizes not working within the app • Removed the legacy Apple network engine • Fixed an issue where an untrusted certificate might mistakenly be labelled as using SHA1 • Added a link to my other app, DNS Inspector, in the about view. Speaking of which... If you like TLS Inspector you may be interested in my newest app, DNS Inspector! Following the same core principals of TLS Inspector, DNS Inspector aims to help you better understand the complexities of DNS name resolution.

Thanks for using TLS Inspector! Due to the complexity of supporting it, we're deprecating the legacy Apple network engine (based on SecureTransport). In the next major update, TLS Inspector will remove this engine entirely, and users will automatically be migrated to the modern Apple network engine (based on the Network framework). OpenSSL remains supported. • Show extra extensions on certificates. Supports strings, booleans, integers, and dates. • Added warning about upcoming deprecation of legacy Apple network engine. • Improved messaging for when a HTTPS proxy is enabled. • Some very minor UI polish. • Fixed a bug where a passenger door could come off unexpectedly.

Thanks for using TLS Inspector! • Update curl to 8.5.0 • Update OpenSSL to 3.2.0 • Moved Open Source Licenses & Attributions from the settings app into the about screen

Thanks for using TLS Inspector! • Updates curl to 8.4.0 • Fixes a bug where certificate expiry reminders couldn't be added on iOS 17

Thanks for using TLS Inspector! • Updated curl to 8.3.0

Thanks for using TLS Inspector! • Fixes a bug where re-inspecting a recent lookup would fail

Thanks for using TLS Inspector! If everything has gone right, you shouldn't notice anything different with the app. We took this time to make some much needed improvements to the inspection logic of the application, which should result in faster results, less crashes, and support for a wider set of TLS servers. If you're interested in learning more about these changes, you can read more on our Mastodon account - linked in the About view of the app. It's not all boring backend fixes, however - we've also: • Added an option to specify the language for the app, overriding the system language • Added a button to reset advanced settings to their default values

Thanks for using TLS Inspector! • Fixed a crash caused by certificates that have a non-URI CRL distribution point entry • Cleaned up the boxes of top-secret documents in our bathroom, moved them to the laundry room instead.

Thanks for using TLS Inspector! • Update OpenSSL to 3.1.1 • Update curl to 8.1.2 • Enforce strict content-type on CRL and OCSP response • Enforce maximum content length on OCSP response • Improvements to verbose logging

Hallo! TLS Inspector is now available in Dutch, thanks to a generous contribution from Erik van Straten. Also: Spanish translation should actually work this time! I totally 100% didn't forget to include the translation files. Nope. Didn't forget.

¡Hola! TLS Inspector is now available in Spanish! Thanks to Kevin López Brante for providing the translation. Also: • Minor UI improvements for iPad users

Thanks for using TLS Inspector! We've added 4 new app icons that you can pick from to customize the look of TLS Inspector. You can access these in the app's options. Also: • Fixed a bug where the unrecognized certificate trust banner was unreadable on light displays. • Reduced the app size by around 20% • Updated to OpenSSL 3.1.0 • Updated to curl 8.0.1

Thanks for using TLS Inspector! Nothing all too special with this release, just addressing some issues found with the last update. • Improved privacy when updating root CA certificate bundles (requests are now proxied through tlsinspector.com rather than directly to Github) • Improved handling of cross-signed certificates for vendor trust status • Improved HTTP header logic and presentation • Big ol' batch of fixes from static analysis • Fixed a bug where images or links wouldn't load because we weren't paying ourselves for our own API

Thanks for using TLS Inspector! This release includes a major new change in how the app builds certificate chains and determines trust. TLS Inspector now includes root CA certificate bundles from Apple, Google, Microsoft, and Mozilla. These bundles cannot be modified by configuration profiles and allow the app greater insight into the trustworthiness of a root certificate. Think of it like asking 4 other doctors for a second opinion. These bundles are embedded in the app itself but can also be manually updated from within the Advanced Settings page. These bundles are hosted on GitHub and are digitally signed. Furthermore, keeping in line with changes to trust, we have changed the behaviour of how the app deals with locally trusted certificates. The wording and appearance of the trust banner and information have been altered to highlight the risk these certificates pose. You can revert to the previous behaviour by enabling "Treat Unrecognized Certificates as Trusted" in the app's options. And if you thought that was all then you're wrong and you owe me an apology: • Added support for viewing signed certificate timestamps both embedded in certificates and in the handshake. • Moved the link to view subject alternate names to the subject section. • Fixed a bug where the keying material table would show up randomly. • Replaced the Twitter link with Mastodon, because, well, yeah.

Thanks for using TLS Inspector! • Updates OpenSSL to 3.0.8 to address a vulnerability with certificate and CRL validation

Thanks for using TLS Inspector! • Updates OpenSSL to 3.0.7 to address high severity security vulnerability. This update also applies to iOS 9, 10, and 11 devices as well. There will be no further updates to the app on those devices going forward. For real this time.

Thanks for using TLS Inspector! If you're using an older iOS device then this update is dedicated to you. • Fixes a crash on older iOS devices • Removes links to online services on older iOS devices Important note: this will be the last release of TLS Inspector for devices on iOS 9, 10, and 11. The next update of TLS Inspector will support iOS 12 or newer. The following devices are no longer supported: • iPhone 4s, 5, and 5c • iPad 2nd, 3rd, and 4th generation • iPad Mini 1st generation • iPod Touch 5th generation We strive to maintain support for older iOS devices when possible, however Apple has removed support for building apps on older iOS versions. As TLS Inspector does not rely on any specific online service to function; the app should continue to function as long as the device can connect to a network. However, you may see trust warnings as the root certificates on the device age and begin to expire.

Oh hello, didn't see you there, reading the update notes are you? Good decision. Sometimes people write all sorts of little useful bits and pieces here, you never know what you'll find! Anyways, onto this release! • Custom inspection parameters that differ from the defaults are now shown on the recently inspected list • When OpenSSL is used, you can now view the keying material used in the handshake • Additionally, you can export a NSS keylog file which can be imported into tools like WireShark for some seriously advanced debugging • Fixed a bug where some IPv4 addresses were being displayed as IPv6 • Minor visual improvements • Fixed a crash for our friends still rocking iOS 9 like it's 2015 all over again, keep on keeping on you brave souls • Update OpenSSL to 3.0.3 • Update tiny-curl to 7.79.1 TLS Inspector has and always will be a force for social good. Right now, access to life-saving healthcare and body autonomy is being threatened all across the United States. When able, please exercise your civil liberties and call or write to your representatives demanding that they work to protect abortion access. Regardless of wether or not you may ever need to use these services, we all need to stand together to oppose regressive legislation that will accomplish nothing but harm and suffering.

Thanks for using TLS Inspector! • Updated OpenSSL to 3.0.2 • Updated German localization

Thanks for using TLS Inspector! • Adds a mechanism to detect certificates issued by known bad certificate authorities.

Oh hello, remember us? Your old pal TLS Inspector is back again with a fresh update to keep things running smooth. Here's what you need to know: • Updated OpenSSL to 3.0.1 • Updated tiny-curl to 7.79.1 • Improved messages for DNS-related errors • Fixed issues with connection information on iOS 12