If you’ve done any iOS development in the past few weeks and, like me, aren’t big on server-side stuff, chances are you encountered the following error:

App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app’s Info.plist file.

As the error itself say, there is a very simple way of going around this and this Stackoverflow answer covers it perfectly.

Here’s the problem: this is only a temporary fix, and it’s a bad idea to submit an app without ATS to Apple. In order to fix that, we need to secure App-Server communications using SSL.

Here’s another problem: My hosting plan does not support SSL (and I got a good deal I’m not willing to change), SSL certificates can cost quite a lot of money on a per year basis, and I have no idea what I’m doing anyway.

I’ve looked around for a good host, and considered OpenShift, Heroku and other similar services, until I found DigitalOcean. It seemed like a match for my needs: It’s clear, has step by step documentation for everything I need, and the pricing was very clear.

The way it works is you select a server (named droplet) size, and pay on a per-hour basis that amounts to a round number every month provided you didn’t use any extra resource. The $5 a month seemed like a match for my needs, so I signed up and got started.

Quick disclaimer : I am not affiliated with DigitalOcean, however I do have a referral link. I usually hate those, and therefore I’ll let you choose between my link (and get $10 credit) or simply visit the DigitalOcean website directly.

Now we got that out of the way, we can get started on setting up the server. Create an account, and start your first Droplet. You’ll need to configure it the way you need, here’s how I set mine up:

You’ll then need to choose your Operating System. Asking Linux-savvy people around me, I reduced the choice down to Ubuntu and Debian. I ultimately choose Ubuntu and I am satisfied with it so far, but it shouldn’t matter that much for simple use cases.



Shortly after, you’ll receive an email from DigitalOcean that looks like this:

Your new Droplet is all set to go! You can access it using the following credentials:

Droplet Name: SSL-Test

Address: xxx.xxx.xx.xx

Username: root

Password: n0TMy4C7u4LP4S5

Copy the IP, open Terminal and type the following:

ssh root@{THE IP}

Type the password, change it (if it’s your first login), and you should be greeted with this:

You’re now connected to the magical world of SSH! The next thing we want to do is to install Apache, to turn the server into a webserver.

Fortunately there is a step by step guide over at DigitalOcean to do just that. Just follow the steps, and you should be all set.

Once that’s done, we can get into the tricky part: setting up the SSL layer. To avoid paying hundreds for an SSL certificate, we’ll go use StartSSL, a free certificate signing authority.



There is also a guide about this on DigitalOcean. It’s very detailed and once again be sure to follow ALL the steps.



Your configuration file towards the end might look a bit different (it did for me) however you can either keep your first half, or copy their entire file and overwrite yours. Read carefully the steps, as sometimes you’ll do things that are not fully logical and skimming through will only mean mistakes.

Be sure you already own the domain you’ll use SSL on. While SSL *should* work with an IP only, I suggest getting a domain as that is what StartSSL supports.

I opted to get SSL on a subdomain instead of my .com. to do this, I went to my hosting panel, into DNS settings and set up a new IN A record for the subdomain I wanted, and made it point to the server’s IP. This is a pretty simple operation, but I suggest getting in touch with your Domain Name provider in case you’re not comfortable with this.

In about two hours, I went from



To the very satisfying

While it’s not the pretty green bar we’re used to (you need to be a corporation to request this one), it’s good enough to get rid of the error and Apple’s approval! Total cost so far, about $0.02.

It was overall a bit tricky, but smooth operation thanks to the detailed guides.

Remember you can get $10 of credit for free if you sign up using this link. If lke me you hate that kind of stuff, click here to go to DigitalOcean without referral.

As always, if you have any question feel free to email me using the form on my website or on Twitter @Mousta_ch.

See you tomorrow!

