JFYI: iOS does not use openssl (however an app might choose to use it). I believe it uses a FIPS compliant custom TLS implementation in Security.framework. I believe ssl pinning is circumvented on iOS by leveraging the objective-c runtime to hook the callbacks that an app would use to inspect the remote peer certificate. More info: https://www.guardsquare.com/en/blog/iOS-SSL-certificate-pinn...
My memory must have failed me, you're correct. I used to use [iOS kill switch](https://github.com/iSECPartners/ios-ssl-kill-switch), and for some reason assumed it overrode openssl! Thanks, I'll correct the article.
> I believe ssl pinning is circumvented on iOS by leveraging the objective-c runtime to hook the callbacks that an app would use to inspect the remote peer certificate.
I believe this only works if apps are using their own custom stack to perform this validation. If they are using the iOS TLS implementation, you will need a jailbroken device to fix this.
