ruby on rails - Implicitly trust SSL certificates in iOS app for private API -

i'm working on ios app rails backend, running on vps (via own domain).

my question is: insecure use self-signed ssl certificate on server , ignore warnings nsurlconnection while communicating it, considering private api accessible via my ios app?

the safe way go in scenario is: sign , manually add certificate local certificate database of every system work from, don't need authentication know it's yours. can done automatically checking box "ignore warning certificate" first time connect each system, prevent seen again on system unless certificate changes.

this way won't see warning again, unless it's else's self certificate you're looking at.

ignoring warning default means if else signs own certificate , presents you, go along without noticing. not idea.