Hi Quinn, thanks for replying. I have used the sec_protocol_options_set_verify_block method form the post you pointed out. When using localhost (on my iPad) the closure is called and the certificates get compared correctly. Thanks for this input. Unfortunately I am still having another problem which might have something to do with your "one more thing" but sadly I don't quite get what you mean or I may have not described my situation precise enough. I am trying to use AWDL between my iPhone and my iPad. Since Bonjour can only advertise TCP and UDP services, I chose to hardcode a port number into my application where the QUIC Service is listening. When connecting to my iPad I try to rely on the DNS cache the Bonjour service figured out and call NWConnection(host: "iPad.local.", port: Config.quicPort, using: transportProtocol.parameters) so I am not using Bonjour directly with QUIC in my understanding and it doesn't throw a DNS error so I assumed it works. Unfortunately it is still stuck in preparing state and the sec_protocol_options_set_verify_block closure is not even called on the iPhone. So what do you mean with DNS name endpoint? Can I approach this differently? How can I connect to the iPad service without being able to advertise it? I assume sending the IP address and port number of the iPads QUIC listener (without the hard coded port number, let the OS allocate a port) via the TCP connection to let the iPhone know the address of the service would work, but I would like to save this additional effort if it works in another way.

Hi Quinn, so I got the application to successfully establish the QUIC connection via AWDL from iPhone to iPad, thank you for your time and input and for pointing me into the right direction. I used the POSIX getifaddrs call to get the IP addresses of the iPad and printed them. Then I put the IPv6 address of the awdl0 interface into the client. It's needless to say that this solution is technically not beautiful. Any ideas on how to improve this?