We are developing an application using IBM MobileFirst Platform Foundation v7.1. Currently we are in UAT phase. The app supports both Android and iOS.
We implemented certificate pinning for our application. The MobileFirst Server is maintained by the network team, which provided me with a public certificate with "cer" extension (com.uat.myapp.cer). I included this public certificate in my project under the certificate folder and wrote the certificate pinning code in the main.js file.
The Android application is working fine and SSL Handshake with the MobileFirst Server is happening. The application is working properly.
The iOS application though is not able to connect to the MobileFirst Server with the following error:
An SSL error has occurred and a secure connection to the server cannot be made".
I converted the .cer certificate to .der certificate (com.uat.myapp.der) using the following portal: https://www.sslshopper.com/ssl-converter.html and placed it in the application but I still ended up with the same error.
Please find the below error logs for more information:
-[WLAFHTTPRequestOperationManagerWrapper requestFailed:error:] in WLAFHTTPRequestOperationManagerWrapper.m:390 :: Response Error : An SSL error has occurred and a secure connection to the server cannot be made. 2016-12-26 19:38:49.301 MyApp[1419:26347] [DEBUG] [WORKLIGHT]
+[WLClient sharedInstance] in WLClient.m:165 :: IBMMobilieFirstFoundation.framework version = 7.1-2016/05/28 17:08:17
-[WLRequest requestFailed:error:] in WLRequest.m:509 :: Status code='0' error='An SSL error has occurred and a secure connection to the server cannot be made.' response='(null)'
2016-12-26 19:38:49.302 MyApp[1419:26347] [DEBUG] [WL_REQUEST]
-[WLRequest requestFailed:error:] in WLRequest.m:512 :: Response Header: (null) Response Data: (null)
2016-12-26 19:38:49.302 MyApp[1419:26347] [DEBUG] [WL_AUTH]
-[WLAuthorizationManager failRegistratioWithResponse:] in WLAuthorizationManager.m:866 :: Response does not contain a valid certificate and client Id. device registration failed
2016-12-26 19:38:49.306 MyApp[1419:26347] [DEBUG] [CERTIFICATE_MANAGER] +[WLCertManager removeKey:] in WLCertManager.m:262 :: Key was successfully removed.
My hunch is that the domain specified in the certificate does not match the actual server host or IP used by the application.
Use keytool verify that the certificate indeed contains the required host/ip values.
In your application, make sure that the application indeed attempts to connect to the same server host/ip.
Related
I'm currently developing a React-Native app (first for IOS) and I have to do an API request on a FHIR connector (medical standard). This API uses a TLS certificate generated by the PKI of my state that is by default not trusted by IOS. I added manually the root certificate G1, the second certificate G2, and the certificate of the API URL.
After it, I trusted the Root certificate using this explanation of the apple support : https://support.apple.com/en-us/HT204477
From now I thought that it was ready to be used and I checked with Chrome and now I have the following error: NET::ERR_CERT_VALIDITY_TOO_LONG
I don't have access to the PKI so I can't generate a certificate with a lowest validity time. After some research I found this :
https://support.apple.com/en-us/HT210176
That explains the requirements of certificate TLS to be validated by the OS. I thought that there is no solution except generate a new certificate but I found this :
https://support.apple.com/en-us/HT211025
That explains that the certificate installed manually by a user doesn't have to respect the validity of 398 days.
I'm a bit confuse ...
My certificate validity time is 10 years.
My application React-native work fine with http, but i have the following error with https :
[connection] nw_socket_handle_socket_event [C7:1] Socket SO_ERROR [61: Connection refused]
[connection] nw_connection_get_connected_socket [C7] Client called nw_connection_get_connected_socket on unconnected nw_connection
TCP Conn 0x2835e42c0 Failed : error 0:61 [61]
[native] [GESTURE HANDLER] Initialize gesture handler for root view <RCTRootContentView: 0x106d05890; reactTag: 11; frame = (0 0; 834 1194); gestureRecognizers = <NSArray: 0x280c16640>; layer = <CALayer: 0x280303060>>
Connection 12: default TLS Trust evaluation failed(-9807)
Connection 12: TLS Trust encountered error 3:-9807
Connection 12: encountered error(3:-9807)
Connection 12: unable to determine interface type without an established connection
Task <344A51D7-3F78-47DF-94E4-4A70D6B4E026>.<4> HTTP load failed, 0/0 bytes (error code: -1202 [3:-9807])
Task <344A51D7-3F78-47DF-94E4-4A70D6B4E026>.<4> finished with error [-1202] Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “<API URL REQUEST>” which could put your confidential information at risk." UserInfo={NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=(
"<cert(0x104814000) s: <API URL CERTIF> i: <CERTIF G2>>",
"<cert(0x104811000) s: <CERTIF G2> i: <CERTIF ROOT G1>>",
"<cert(0x10488d000) s: <CERTIF ROOT G1> i: <CERTIF ROOT G1>>"
), NSErrorClientCertificateStateKey=0, NSErrorFailingURLKey=<API URL>, NSErrorFailingURLStringKey=<API UTL>, NSUnderlyingError=0x280c36310 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x2830f7330>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9807, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9807, kCFStreamPropertySSLPeerCertificates=(
"<cert(0x104814000) s: <API URL CERTIF> i: <CERTIF G1>>",
"<cert(0x104811000) s: <CERTIF G2> i: <CERTIF G1>",
"<cert(0x10488d000) s: <CERTIF G1> i: <CERTIF G1>"
)}},
The question is : Am i doing something wrong or is there any way to use this certificate (10 years validity time) for my application ?
Thank you for helping me
If you are using a self signed cert, you have to enable your IOS device to trust it:
For this, open again the iOS Settings app. Then navigate to “General” > “About” > “Certificate Trust Settings”. In the section “Enable Full Trust for Root Certificates”, enable your root certificate. With this, your app can connect now with the self-signed certificate to the backend.
I finally had access to the PKI to generate a TLS certificate with a shorter validity time and this solved my problem. Now the certificate is accepted by IOS.
I strongly think that there is no other solutions.
I am unable to connect MFP in ios i'm getting the error like this.
Response Data: /*-secure-{"reason":"App authenticity security check failed"}*/
2016-10-10 10:53:56.293 appname[3983:433885] [DEBUG] [WL_AUTH] -[WLAuthorizationManager failRegistratioWithResponse:] in WLAuthorizationManager.m:846 :: Response does
not contain a valid certificate and client Id. device registration failed
2016-10-10 10:53:56.295 appname[3983:433885] [DEBUG] [CERTIFICATE_MANAGER] +[WLCertManager removeKey:] in WLCertManager.m:261 :: Key was successfully remove
MFP version 7.1.0.00.20150807-0630
Upgrade your server and studio installations to the latest iFix release from IBM Fix Central, currently at 7.1.0.0-MFPF-IF201610060540 as many authenticity-related issues have been resolved
Authenticity errors may happen if you incorrectly setup authenticity
You forgot to add the bundleId and applicationId to the application-descriptor.xml file
You're using a different bundleId value than your actual bundleId value for the iOS application
For instructions: https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/7.1/authentication-security/application-authenticity-protection/
I have developed a MobileFirst 7.1 Hybrid application in eclipse with ipad environment.
This ipad environment is configured with a custom security test that has the following realm:
<customSecurityTest name="myIpadTest">
<test isInternalUserID="true" realm="wl_anonymousUserRealm" />
<test realm="wl_deviceNoProvisioningRealm" isInternalUserID="true" />
</customSecurityTest>
In the application-descriptor.xml
<ipad bundleId="com.xxx.xxx.xxx" securityTest="myIpadTest" version="1.0">
....
</ipad>
This application when installed in the real device works properly with my Eclipse environment and my Staging MobileFirst Server. The Staging MobileFirst Server has HTTP Server Nginx in front of it without SSL.
But when I deploy the same application in the Production MobileFirst Server the device fails to register with the below error logs. This production server has a nginx also in front of it that acts as a reverse proxy to the mobilefirst server and is configured with SSL with a valid CA Issued Certificate. TLSv1.2 with SHA256 Cipher.
2016-08-24 14:57:33.087 MyApp[2388:1849431] [DEBUG] [WL_REQUEST] -[WLRequest sendRequest:path:withOptions:] in WLRequest.m:244 :: Sending request (https://xxx.xxx.xxx.com:443/myapp/authorization/v1/clients/instance) with headers:
{
"Accept-Language" = en;
"User-Agent" = "MyApp/1.0 (iPad; iOS 9.3.2; Scale/2.00)/WLNativeAPI/7.1.0.0";
"X-Requested-With" = XMLHttpRequest;
"x-wl-app-version" = "1.0";
"x-wl-device-id" = "1293712973921739217398217893721";
"x-wl-platform-version" = "7.1.0.0";
}
You can see the request body in the Analytics platform logs.
2016-08-24 14:57:33.094 MyApp[2388:1849431] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper start] in WLAFHTTPRequestOperationManagerWrapper.m:356 :: Starting the request with URL https://xxx.xxx.xxx.xxx.com:443/myapp/authorization/v1/clients/instance
2016-08-24 14:57:33.095 MyApp[2388:1849431] [DEBUG] [WL_REQUEST] __42-[WLRequest sendRequest:path:withOptions:]_block_invoke in WLRequest.m:254 :: waiting for response... (Thread=<NSThread: 0x13cd16140>{number = 1, name = main})
2016-08-24 14:57:33.096 MyApp[2388:1849431] THREAD WARNING: ['WLAuthorizationManagerPlugin'] took '86.991943' ms. Plugin should use a background thread.
08-24 14:57:33.455 INFO App Sending no login credential event with cause 0 [ UserCredentialReportThread_0, SendNoLoginCredentialEvent, /Users/iosbuild/TAGS/TAG_VC_3_3_4_0004/Products/Client/ClientLib/AppLogic.cpp:15304 ]
2016-08-24 14:57:33.455 MyApp[2388:1849664] Received event=202002
2016-08-24 14:57:33.456 MyApp[2388:1849664] Sending Data to JS key callStatus, value 202002
2016-08-24 14:57:33.456 MyApp[2388:1849664] Unknown event 202002
2016-08-24 14:57:34.409 MyApp[2388:1849431] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper requestFailed:error:] in WLAFHTTPRequestOperationManagerWrapper.m:388 :: Request Failed
2016-08-24 14:57:34.412 MyApp[2388:1849431] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper requestFailed:error:] in WLAFHTTPRequestOperationManagerWrapper.m:389 :: Response Status Code : 404
2016-08-24 14:57:34.415 MyApp[2388:1849431] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper requestFailed:error:] in WLAFHTTPRequestOperationManagerWrapper.m:390 :: Response Error : Request failed: not found (404)
2016-08-24 14:57:34.420 MyApp[2388:1849431] [DEBUG] [WORKLIGHT] +[WLClient sharedInstance] in WLClient.m:165 :: IBMMobilieFirstFoundation.framework version = 7.1-2016/05/13 10:26:34
2016-08-24 14:57:34.421 MyApp[2388:1849431] [ERROR] [WL_REQUEST] -[WLRequest requestFailed:error:] in WLRequest.m:509 :: Status code='404' error='Request
I thought the issue was caused by the Reverse proxy so i decided to install the desktopbrowser version in the production but i dont have any 404 issues with the desktopbrowser. The certificate is also trusted by the browser.
Looking forward for your help guys. Thanks in advance.
Hi I recently had develop small sample application using IBM MobileFirst 7.1. I have successfully run app on simulator, it able to login perfectly without error but when I tested on actual device (iOS 9.2) the app failed to login here is some error log I receive
2016-02-16 15:31:39.847 YITCallCenter[3010:1041692] [DEBUG] [WL_REQUEST] -[WLRequest sendRequest:path:withOptions:] in WLRequest.m:221 :: Sending request (http://10.12.11.59:10080/YITCallCenter/authorization/v1/clients/instance) with headers:
{
"Accept-Language" = "th-TH";
"User-Agent" = "YITCallCenter/1.0 (iPhone; iOS 9.2.1; Scale/3.00)/WLNativeAPI/7.1.0.0";
"X-Requested-With" = XMLHttpRequest;
"x-wl-app-version" = "1.0";
"x-wl-device-id" = "AACA3EB7-EEF1-429A-A9A7-597231D2C8B2";
"x-wl-platform-version" = "7.1.0.0";
}
You can see the request body in the Analytics platform logs.
2016-02-16 15:31:39.855 YITCallCenter[3010:1041692] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper start] in WLAFHTTPRequestOperationManagerWrapper.m:332 :: Starting the request with URL http://10.12.11.59:10080/YITCallCenter/authorization/v1/clients/instance
2016-02-16 15:31:39.857 YITCallCenter[3010:1041692] [DEBUG] [WL_REQUEST] __42-[WLRequest sendRequest:path:withOptions:]_block_invoke in WLRequest.m:231 :: waiting for response... (Thread=<NSThread: 0x155d04d90>{number = 1, name = main})
2016-02-16 15:31:39.860 YITCallCenter[3010:1041692] THREAD WARNING: ['WLAuthorizationManagerPlugin'] took '98.279053' ms. Plugin should use a background thread.
2016-02-16 15:31:39.933 YITCallCenter[3010:1041692] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper requestFinished:] in WLAFHTTPRequestOperationManagerWrapper.m:345 :: Request Success
2016-02-16 15:31:39.935 YITCallCenter[3010:1041692] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper requestFinished:] in WLAFHTTPRequestOperationManagerWrapper.m:346 :: Response Status Code : 200
2016-02-16 15:31:39.938 YITCallCenter[3010:1041692] [DEBUG] [WORKLIGHT] +[WLClient sharedInstance] in WLClient.m:165 :: IBMMobilieFirstFoundation.framework version = 7.1-2016/01/25 08:04:23
2016-02-16 15:31:39.942 YITCallCenter[3010:1041692] [DEBUG] [WL_REQUEST] -[WLRequest requestFinished:] in WLRequest.m:365 :: Response Header: {
"Content-Length" = 887;
"Content-Type" = "application/json;charset=UTF-8";
Date = "Tue, 16 Feb 2016 08:32:14 GMT";
"X-Powered-By" = "Servlet/3.0";
}
Response Data: {"certificate":"MIICfzCCAWegAwIBAgIJAPVYUEY0ukWzMA0GCSqGSIb3DQEBCwUAMGsxCzAJBgNVBAYTAklMMQswCQYDVQQIEwJJTDERMA8GA1UEBxMIU2hlZmF5aW0xDDAKBgNVBAoTA0lCTTEcMBoGA1UECxMTTW9iaWxlRmlyc3RQbGF0Zm9ybTEQMA4GA1UEAxMHTUZQIERldjAgFw0xNjAyMTYwODMyMTVaGA8yMDY2MDIxNjA4MzIxNVowWTEdMBsGCgmSJomT8ixkARkWDVlJVENhbGxDZW50ZXIxODA2BgoJkiaJk\/IsZAEBEyg2ODhiYzhkOGViYWNkNGY0M2FkYjBjMjE0NzQ0NjNiNTUwZDcwYWUwMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAM0NKuJEcSlRDEFxM6+rapjpLaNw89GH+IYF6uJy11dxJsyrwzveaD\/cLyhNrwp4riu+RpkJeFj\/JMwR1\/9dZNMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAYaTY7AYVB\/jpRxsEHADCbzeUcSjr65qN\/0c6EgIJ3GTSXQOtpRl7ApdBot6GMeMSZbXQRFZc9OWtZ8V3ww7UOCwrWPY9RlykNqaH5ViPnTHTjBdrd0HrIb+HrK67E+FKWQhdeE5xL+YSGiQTB7IOunYCJbII91y+s\/MDwIQNppcG2FNKLoEoiDPBPnesjNXYa+sNaexXK4NhqosP8KNoac6IcOPoaLaAosnRWKd+y13vWxLCpu86UKbkA668SpUXky9I94X1NXJIFKlHKwzX4AuHji5JbkcnVLjm77rvmIujHLxrNn1LX9jTq\/ofFfiOF4ae752\/G6olUS5ln5O4SA=="}
Status code=200
2016-02-16 15:31:39.944 YITCallCenter[3010:1041692] [DEBUG] [WL_REQUEST] -[WLRequest requestFinished:] in WLRequest.m:424 :: NSS object is null
2016-02-16 15:31:39.948 YITCallCenter[3010:1041692] [DEBUG] [CERTIFICATE_MANAGER] BOOL hasCertificateExpired(X509 *) in WLCertManager.m:647 :: Certificate currentDate: 2016-02-16 08:31:39 +0000, expiryDate: 1523-02-16 08:32:15 +0000
2016-02-16 15:31:39.951 YITCallCenter[3010:1041692] [WARN] [CERTIFICATE_MANAGER] BOOL hasCertificateExpired(X509 *) in WLCertManager.m:649 :: Certificate has expired. Certificate expired on: 1523-02-16 08:32:15 +0000, verified on: 2016-02-16 08:31:39 +0000
2016-02-16 15:31:39.954 YITCallCenter[3010:1041692] [DEBUG] [WL_AUTH] -[WLAuthorizationManager failRegistratioWithResponse:] in WLAuthorizationManager.m:866 :: Response does not contain a valid certificate and client Id. device registration failed
2016-02-16 15:31:39.967 YITCallCenter[3010:1041692] [DEBUG] [CERTIFICATE_MANAGER] +[WLCertManager removeKey:] in WLCertManager.m:262 :: Key was successfully removed.
2016-02-16 15:31:39.978 YITCallCenter[3010:1041692] [DEBUG] [CERTIFICATE_MANAGER] +[WLCertManager removeKey:] in WLCertManager.m:262 :: Key was successfully removed.
2016-02-16 15:31:39.986 YITCallCenter[3010:1041692] [DEBUG] [WORKLIGHT] +[WLClient sharedInstance] in WLClient.m:165 :: IBMMobilieFirstFoundation.framework version = 7.1-2016/01/25 08:04:23
2016-02-16 15:31:40.001 YITCallCenter[3010:1041692] [DEBUG] [WORKLIGHT] -[NotificationEx loadingStop:] in NotificationEx.m:150 :: Loading stop
2016-02-16 15:31:40.002 YITCallCenter[3010:1042149] [DEBUG] [NONE] Client registration failed with error: {"responseHeaders":{},"status":200,"responseText":"Invalid response when registering application","invocationContext":null}
2016-02-16 15:31:40.005 YITCallCenter[3010:1042108] [ERROR] [NONE] [/apps/services/api/YITCallCenter/iphone/query] failure. state: 200, response: undefined
2016-02-16 15:31:40.088 YITCallCenter[3010:1041692] THREAD WARNING: ['Notification'] took '84.625732' ms. Plugin should use a background thread.
I think the most interesting error is
[WL_AUTH] -[WLAuthorizationManager failRegistratioWithResponse:] in WLAuthorizationManager.m:866 :: Response does not contain a valid certificate and client Id. device registration failed
PS I have already set ipaddress instead of localhost
I was having this exact problem with all of my upgraded 7.1 iOS mobilefirst applications. I discovered that the App Authenticity was turned on to Basic for iOS by default now (new in MobileFirst 7.1) because I had an existing section in my application-descriptor.xml. Removing the security section from my application-descriptor.xml and rebuilding and redeploying the wlapp files fixed my problem. I followed this approach.
How to disable app authenticity on IBM MobileFirst 7.1 remote server?
I suggest to try the following, as mentioned in this answer: Unable to login to app on device or simulator after upgrade to iOS 9 and MobileFirst 7.1
Update the host value in worklight.plist to match the one of the server you attempt to connect to. Then see if it fails still.
I find out there bug on Mobile First itself it turn out that when I set my iPhone calendar buddhist to Gregorian the application able to login. Recommended IBM to come out with patch Thank you
Hi I recently had develop small sample application using IBM MobileFirst 7.1. I have successfully run app on simulator, it able to login perfectly without error but when I tested on actual device (iOS 9.2) the app failed to login here is some error log I receive
2016-02-16 15:31:39.847 YITCallCenter[3010:1041692] [DEBUG] [WL_REQUEST] -[WLRequest sendRequest:path:withOptions:] in WLRequest.m:221 :: Sending request (http://10.12.11.59:10080/YITCallCenter/authorization/v1/clients/instance) with headers:
{
"Accept-Language" = "th-TH";
"User-Agent" = "YITCallCenter/1.0 (iPhone; iOS 9.2.1; Scale/3.00)/WLNativeAPI/7.1.0.0";
"X-Requested-With" = XMLHttpRequest;
"x-wl-app-version" = "1.0";
"x-wl-device-id" = "AACA3EB7-EEF1-429A-A9A7-597231D2C8B2";
"x-wl-platform-version" = "7.1.0.0";
}
You can see the request body in the Analytics platform logs.
2016-02-16 15:31:39.855 YITCallCenter[3010:1041692] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper start] in WLAFHTTPRequestOperationManagerWrapper.m:332 :: Starting the request with URL http://10.12.11.59:10080/YITCallCenter/authorization/v1/clients/instance
2016-02-16 15:31:39.857 YITCallCenter[3010:1041692] [DEBUG] [WL_REQUEST] __42-[WLRequest sendRequest:path:withOptions:]_block_invoke in WLRequest.m:231 :: waiting for response... (Thread=<NSThread: 0x155d04d90>{number = 1, name = main})
2016-02-16 15:31:39.860 YITCallCenter[3010:1041692] THREAD WARNING: ['WLAuthorizationManagerPlugin'] took '98.279053' ms. Plugin should use a background thread.
2016-02-16 15:31:39.933 YITCallCenter[3010:1041692] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper requestFinished:] in WLAFHTTPRequestOperationManagerWrapper.m:345 :: Request Success
2016-02-16 15:31:39.935 YITCallCenter[3010:1041692] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper requestFinished:] in WLAFHTTPRequestOperationManagerWrapper.m:346 :: Response Status Code : 200
2016-02-16 15:31:39.938 YITCallCenter[3010:1041692] [DEBUG] [WORKLIGHT] +[WLClient sharedInstance] in WLClient.m:165 :: IBMMobilieFirstFoundation.framework version = 7.1-2016/01/25 08:04:23
2016-02-16 15:31:39.942 YITCallCenter[3010:1041692] [DEBUG] [WL_REQUEST] -[WLRequest requestFinished:] in WLRequest.m:365 :: Response Header: {
"Content-Length" = 887;
"Content-Type" = "application/json;charset=UTF-8";
Date = "Tue, 16 Feb 2016 08:32:14 GMT";
"X-Powered-By" = "Servlet/3.0";
}
Response Data: {"certificate":"MIICfzCCAWegAwIBAgIJAPVYUEY0ukWzMA0GCSqGSIb3DQEBCwUAMGsxCzAJBgNVBAYTAklMMQswCQYDVQQIEwJJTDERMA8GA1UEBxMIU2hlZmF5aW0xDDAKBgNVBAoTA0lCTTEcMBoGA1UECxMTTW9iaWxlRmlyc3RQbGF0Zm9ybTEQMA4GA1UEAxMHTUZQIERldjAgFw0xNjAyMTYwODMyMTVaGA8yMDY2MDIxNjA4MzIxNVowWTEdMBsGCgmSJomT8ixkARkWDVlJVENhbGxDZW50ZXIxODA2BgoJkiaJk\/IsZAEBEyg2ODhiYzhkOGViYWNkNGY0M2FkYjBjMjE0NzQ0NjNiNTUwZDcwYWUwMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAM0NKuJEcSlRDEFxM6+rapjpLaNw89GH+IYF6uJy11dxJsyrwzveaD\/cLyhNrwp4riu+RpkJeFj\/JMwR1\/9dZNMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAYaTY7AYVB\/jpRxsEHADCbzeUcSjr65qN\/0c6EgIJ3GTSXQOtpRl7ApdBot6GMeMSZbXQRFZc9OWtZ8V3ww7UOCwrWPY9RlykNqaH5ViPnTHTjBdrd0HrIb+HrK67E+FKWQhdeE5xL+YSGiQTB7IOunYCJbII91y+s\/MDwIQNppcG2FNKLoEoiDPBPnesjNXYa+sNaexXK4NhqosP8KNoac6IcOPoaLaAosnRWKd+y13vWxLCpu86UKbkA668SpUXky9I94X1NXJIFKlHKwzX4AuHji5JbkcnVLjm77rvmIujHLxrNn1LX9jTq\/ofFfiOF4ae752\/G6olUS5ln5O4SA=="}
Status code=200
2016-02-16 15:31:39.944 YITCallCenter[3010:1041692] [DEBUG] [WL_REQUEST] -[WLRequest requestFinished:] in WLRequest.m:424 :: NSS object is null
2016-02-16 15:31:39.948 YITCallCenter[3010:1041692] [DEBUG] [CERTIFICATE_MANAGER] BOOL hasCertificateExpired(X509 *) in WLCertManager.m:647 :: Certificate currentDate: 2016-02-16 08:31:39 +0000, expiryDate: 1523-02-16 08:32:15 +0000
2016-02-16 15:31:39.951 YITCallCenter[3010:1041692] [WARN] [CERTIFICATE_MANAGER] BOOL hasCertificateExpired(X509 *) in WLCertManager.m:649 :: Certificate has expired. Certificate expired on: 1523-02-16 08:32:15 +0000, verified on: 2016-02-16 08:31:39 +0000
2016-02-16 15:31:39.954 YITCallCenter[3010:1041692] [DEBUG] [WL_AUTH] -[WLAuthorizationManager failRegistratioWithResponse:] in WLAuthorizationManager.m:866 :: Response does not contain a valid certificate and client Id. device registration failed
2016-02-16 15:31:39.967 YITCallCenter[3010:1041692] [DEBUG] [CERTIFICATE_MANAGER] +[WLCertManager removeKey:] in WLCertManager.m:262 :: Key was successfully removed.
2016-02-16 15:31:39.978 YITCallCenter[3010:1041692] [DEBUG] [CERTIFICATE_MANAGER] +[WLCertManager removeKey:] in WLCertManager.m:262 :: Key was successfully removed.
2016-02-16 15:31:39.986 YITCallCenter[3010:1041692] [DEBUG] [WORKLIGHT] +[WLClient sharedInstance] in WLClient.m:165 :: IBMMobilieFirstFoundation.framework version = 7.1-2016/01/25 08:04:23
2016-02-16 15:31:40.001 YITCallCenter[3010:1041692] [DEBUG] [WORKLIGHT] -[NotificationEx loadingStop:] in NotificationEx.m:150 :: Loading stop
2016-02-16 15:31:40.002 YITCallCenter[3010:1042149] [DEBUG] [NONE] Client registration failed with error: {"responseHeaders":{},"status":200,"responseText":"Invalid response when registering application","invocationContext":null}
2016-02-16 15:31:40.005 YITCallCenter[3010:1042108] [ERROR] [NONE] [/apps/services/api/YITCallCenter/iphone/query] failure. state: 200, response: undefined
2016-02-16 15:31:40.088 YITCallCenter[3010:1041692] THREAD WARNING: ['Notification'] took '84.625732' ms. Plugin should use a background thread.
I think the most interesting error is
[WL_AUTH] -[WLAuthorizationManager failRegistratioWithResponse:] in WLAuthorizationManager.m:866 :: Response does not contain a valid certificate and client Id. device registration failed
PS I have already set ipaddress instead of localhost
I was having this exact problem with all of my upgraded 7.1 iOS mobilefirst applications. I discovered that the App Authenticity was turned on to Basic for iOS by default now (new in MobileFirst 7.1) because I had an existing section in my application-descriptor.xml. Removing the security section from my application-descriptor.xml and rebuilding and redeploying the wlapp files fixed my problem. I followed this approach.
How to disable app authenticity on IBM MobileFirst 7.1 remote server?
I suggest to try the following, as mentioned in this answer: Unable to login to app on device or simulator after upgrade to iOS 9 and MobileFirst 7.1
Update the host value in worklight.plist to match the one of the server you attempt to connect to. Then see if it fails still.
I find out there bug on Mobile First itself it turn out that when I set my iPhone calendar buddhist to Gregorian the application able to login. Recommended IBM to come out with patch Thank you