SSL Pinning on iOS for Ionic Angular Application - ios

I have a problem with SSL Pinning on iOS. I was using the following plugin:
https://github.com/silkimen/cordova-plugin-advanced-http
and
https://ionicframework.com/docs/native/http
This method is working fine for Android. However, with iOS, I am receiving the following error on Xcode:
Connection 1: default TLS Trust evaluation failed(-9813)
Connection 1: TLS Trust encountered error 3:-9813
Connection 1: encountered error(3:-9813)
I am not sure how to fix this problem. I've googled everywhere, and most of the solutions are for Android, not iOS specifically.
Any help is very much appreciated. Thank you.

Related

Issue - [ONLY IN iOS 11] : The certificate for this server is invalid. You might be connecting to a server that is pretending to be “DOMAIN.COM”

This issue happens only in iOS 11 but works fine in other versions.
So this question is not a duplicate, and I need to know what could be the cause.
Issue details:
I am using a 3rd-party library (private) and the issue happens in it.
When we debug the results from the library call, we find the following issue log:
The certificate for this server is invalid. You might be connecting to a server that is pretending to be “DOMAIN.com” which could put your confidential information at risk
But if the issue occurred in iOS 10 and below, it would be fine and we would have decided it's a common issue. But since it occurs only in iOS 11, I wonder why. Any suggestions or solutions, please?

iOS 11 Beta - NSURLErrorDomain - code: 18446744073709550617

When running my app on iOS 11 beta 5 built with Xcode 9 I see this error from several of our network calls.
"NSURLError * domain: @"NSURLErrorDomain" - code: 18446744073709550617"
I've never come across this error before and we haven't made any change to the app currently. For networking, we are using AFNetworking v2.5.
So it turns out it was SSL-related. Eventually what I did was add an exception for the domain in Info.plist and was able to get a reasonable error that said there was an SSL issue. Investigating that showed our cert was weakly signed. We replaced it, which resolved the issue.

SSL handshake fail on IOS only

I'm developing an app using cordova (5.2.0).
On mac I'm using Xcode 6.4 to generate the .ipa
At some point I initialize a secure websocket connexion (certificates are not self signed, length is 2048) like this in js:
socket_ip = new WebSocket("wss://perform.domain.com:8080", "image-processing-protocol");
The connexion is working on Android and also from desktop browser (safari too).
However, from my iPhone (8.4) I got:
CFNetwork SSLHandshake failed (-9807) which means "Invalid certificate chain"
On server side the message I got is:
error:00000005:lib(0):func(0):DH
My server configuration is:
info.ssl_cert_filepath = "sslCertificates/myCert.cer";
info.ssl_private_key_filepath = "sslCertificates/myCert";
info.ssl_ca_filepath = "sslCertificates/GlobalSignRootCA.cer";
info.ssl_cipher_list = "RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5";
Looks like my issue is similar to openssl-ssl-accept-error-5. I then tried to set up a cipher list without DH but I still got the error.
I am probably missing something to configure on my libsocket server.
As long as I'm using a commercial certificate and it's working with other devices, I don't understand why the connexion with iOS failed.
Any Help would be much appreciated, Thanks!
Is there an intermediate certificate from GlobalSignRootCA that you also have to add?
I did the checks as Steffen suggested.
Solution was to set elliptic curve Diffie Hellman protocol up within libwebsocket.
Thanks for your help.

AFNetworking 1.3.1 often goes to failure Block in iOS 8

I'm using AFNetworking to upload some content to a server using AFHTTPRequestOperation. It is working well in iOS 7, but in the case of iOS 8 this call mostly goes to failure.
I'm getting this error:
Code=-999 "The operation couldn’t be completed. (NSURLErrorDomain error -999.), NSErrorFailingURLKey.
Can you please help me to resolve this issue?
NSURLErrorDomain error -999 is NSURLErrorCancelled
You can review the error codes here
You might get this error due to a request timing out, or resubmitting the same request more than once. Without further code there isn't much to expand on, but have you ensured that you haven't lost your wifi settings since upgrading to iOS 8?
BTW, you can use NSErrorFailingURLKey to find the failing URL. Try putting it straight into Safari and see what happens.
Your issue is being discussed here:
https://github.com/AFNetworking/AFNetworking/issues/2314
It seems to be related to the keepalive implementation in iOS 8. No solution is available on the client side for now; if you can configure the HTTP server, disabling HTTP keepalive should solve your issue ...

How to handle "CFNetwork SSLHandshake failed" in iOS

Sometimes I'm getting CFNetwork SSLHandshake failed -(9806) in my code, but I'm not sure why this is happening as my code runs smoothly, except when I run it in iOS 6 and then on iOS 7 64-bit I get this warning.
Can anybody suggest how to handle this issue?
Normally when I get CFNetwork SSLHandshake failed -(*) it's because of my local wifi network (device is connected to the network but not the internet).
Try it again on another network (3G is the quickest solution for me).
This could also happen because of iOS 9. iOS 9 and OSX 10.11 require TLSv1.2 SSL for all hosts you plan to request data from unless you specify exception domains in your app's Info.plist file.
You can find more info here:
https://developer.apple.com/library/prerelease/ios/technotes/App-Transport-Security-Technote/
Or Steven Peterson's answer here, which is quite clear:
https://stackoverflow.com/a/30720929/1485701
Had the same issue and after I have confirmed that the server is getting the POST the solution was this:
Clean the project: Product -> Clean
Delete your app from the iOS device/iOS Simulator and quit the Simulator
Compile your app and run it
In my case, simple as that.
I had the same problem, and in my case the solution was that in my code I wrote
initWithScheme:@"https"
instead of
initWithScheme:@"http"
So make sure you use the correct protocol
Another solution: check if the date/time is set correctly on your phone. SSL certificates are valid UNTIL a certain date.
https://superuser.com/a/760211
