Try removing all configuration an keep onNSExceptionRequiresForwardSecrecy
to NO
According to Apple documentation here are supported Ciphers
The connection must use either the AES-128 or AES-256 symmetric cipher. The negotiated TLS connection cipher suite must support perfect forward secrecy (PFS) through Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, and must be one of the following:
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
You can find more details here ATS Configuration Basics
If this do not work for you, you should figure out the url that is being blocked by ATS to check if your server is redirecting your request to an other url.
If you are playing a Fairplay stream, try printing yourPlayerItem.errorLog()
you will see if your stream keys server url is being blocked by ATS. In that case you must add the suitable exception.
Hope this helps you, it is exactly what I made to solve the same problem.