Intermittent connection Public Tableau since yesterday morning.
Other forums recommend making changes to IE9, i.e.
Tools -> Internet Options > Advanced > Security Section >
Uncheck Check for publicher's certificate revocation
AND
Uncheck Check for server certificate revocation
I restarted machine, and problem persists. How to troubleshoot?
Related
Since Xcode Cloud was launched last year I'd been able to connect from the Xcode wizard to my Github.com account and the CI worked like a charm, however today I'd been trying to create an Xcode Cloud for a new app and it doesn't finish the wizard flow throwing an error
Connecting Xcode Cloud with your source control provider was incomplete.
Repository not accessible
On the GitHub.com side everything seems to be working, did tried this from 2 different computers with the same results, has anyone else gone through this issue?, is there a solution for this or filing a radar to Apple is the only option here?.
I was facing same issue as I had two account connected in the Team for signing in capabilities.
my solution, remove other account and keep main account for Xcode Cloud.
-Tenant
I had this issue as I have two developer accounts - a work account and a personal account. The issue arose when the signing certificate used in the project in Xcode did not match the App Store Connect account that was signed in.
Check your signing certificate / team in Xcode and that you are logged into App Store Connect with the correct details.
Is it possible to connect from an IOS device to an Azure Point to Site VPN? (Yes, I know it is unsupported). However, I have seen it suggested that SSTP could be used, but cant find a concrete example.
Can anyone shed some light on if this is actually possible - or suggest alternatives?
Updated Answer
Now, Azure P2S VPN can be configured on iOS.
How to:
iOS VPN clients are supported for the Resource Manager deployment model only. They are not supported for the classic deployment model.
Note IKEv2 is currently in Preview.
When installing a client certificate, you need the password that was created when the client certificate was exported.
Locate the .pfx certificate file and copy it to your iOS. You can get the certificate to the iOS in several ways, for example, you can email the certificate file or copy it to your Onedrive and open it through Safari. Click Allow
Install the certificate on your iOS:
Adding VPN configuration on iOS (Choose to use certificate to authentication,details information is in the VpnSettings.xml, which downloaded from Azure portal > Point-to-site configuration> Download VPN client> Open the folder > Generic ):
4.Connect the VPN and try browse the IIS behind the Azure VNet via a private IP:
Currently, this is not supported. You can leave your feedback and upvote for the same in this feedback link - https://feedback.azure.com/forums/217313-networking/suggestions/4233968-either-add-point-to-site-sstp-vpn-clients-for-mac
On our internal network, we use a self-signed CA certificate. This has worked fine for years, in both Safari and our iOS product, all the way through iOS 10. We simply install the CA certificate on any new device or simulator and everything works, even with ATS. This allows access to all of our internal test servers without having to trust each server individually.
Starting with iOS 11 the installed CA certificate no longer allows Safari or our app to trust the certificate for any of the servers. We receive the following relevant details with CFNETWORK_DIAGNOSTICS enabled for our app:
Error Domain=kCFErrorDomainCFNetwork Code=-1200
_kCFNetworkCFStreamSSLErrorOriginalValue=-9802
_kCFStreamErrorDomainKey=3
_kCFStreamErrorCodeKey=-9802
NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made.
NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?
I spent considerable time trying to resolve this issue, scouring StackOverflow and the rest of the web. Although we use AFNetworking in our app, that seems to be irrelevant, as Safari no longer trusts these servers via the CA. Disabling ATS via NSAllowsArbitraryLoads allows access to the servers, but obviously isn't a solution.
No changes have been made to our -URLSession:didReceiveChallenge:completionHandler code, and we have a proper (worked for years) implementation of challenge response via challenge.protectionSpace.serverTrust.
I have re-evaluated and tested both the CA and server certificates every way I can think of, and they work everywhere except iOS 11. What might have changed in ATS for iOS 11 that could cause this issue?
While writing this question, I discovered the answer. Installing a CA from Safari no longer automatically trusts it. I had to manually trust it from the Certificate Trust Settings panel (also mentioned in this question).
I debated canceling the question, but I thought it might be helpful to have some of the relevant code and log details someone might be looking for. Also, I never encountered the issue until iOS 11. I even went back and reconfirmed that it automatically works up through iOS 10.
I've never needed to touch that settings panel before, because any installed certificates were automatically trusted. Maybe it will change by the time iOS 11 ships, but I doubt it. Hopefully this helps save someone the time I wasted.
If anyone knows why this behaves differently for some people on different versions of iOS, I'd love to know in comments.
Update 1: Checking out the first iOS 12 beta, it looks like things remain the same. This question/answer/comments are still relevant on iOS 12.
Update 2: Same solution seems to be needed on iOS 13 beta builds as well.
I've been struggling with this for 3 days now while attempting to connect to a local API running Laravel valet. I finally figured it out. In my case I had to drag and drop over the LaravelValetCASelfSigned.pem file from ~/.config/valet/CA/LaravelValetCASelfSigned.pem
After verifying the installing within the simulator I had to go to Settings > About > Certificate Trust Settings > and Enable the Laravel Valet VA Self Signed CN
Finally working!!!
Recommended solution is to install and trust a self-signed certificate (root). Assuming you created your own CA and the hierarchy of the certificated is correct you don't need to change the server trust evaluation. This is recommended because it doesn't require any changes in the code.
Generate CA and the certificates (you can use openssl: Generating CA and self-signed certificates.
Install root certificate (*.cer file) on the device - you can open it by Safari and it should redirect you to Settings
When the certificated is installed, go to Certificate Trust Settings (Settings > General > About > Certificate Trust Settings) as in MattP answer.
If it is not possible then you need to change server trust evaluation.
More info in this document: Technical Q&A QA1948 HTTPS and Test Servers
This has happened to me also, after undating to IOS11 on my iPhone. When I try to connect to the corporate network it bring up the corporate cert and says it isn't trusted. I press the 'trust' button and the connection fails and the cert does not appear in the trusted certs list.
Apple hand three categories of certificates: Trusted, Always Ask and Blocked. You'll encounter the issue if your certificate's type on the Blocked and Always Ask list. On Safari it show’s like:
And you can find the type of Always Ask certificates on Settings > General > About > Certificate Trust Setting
There is the List of available trusted root certificates in iOS 11
Blocking Trust for WoSign CA Free SSL Certificate G2
If you are not seeing the certificate under General->About->Certificate Trust Settings, then you probably do not have the ROOT CA installed. Very important -- needs to be a ROOT CA, not an intermediary CA.
I just answered a question here explaining how to obtain the ROOT CA and get things to show up: How to install self-signed certificates in iOS 11
I follow all recommendations and all requirements. I install my self signed root CA on my iPhone. I make it trusted. I put certificate signed with this root CA on my local development server and I still get certificated error on safari iOS. Working on all other platforms.
Hi I receive the following error:
Error Domain=NSURLErrorDomain Code=-1202 \"The certificate for this server is invalid. You might be connecting to a server that is pretending to be “server-prod.name-cloud.com” which could put your confidential information at risk.\" UserInfo={NSErrorFailingURLStringKey=https://server-prod.name-cloud.com /v3/project/session/926B9E6BE31B/, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, NSErrorFailingURLKey=https://server-prod.name-cloud.com /v3/project/session/926B9E6BE31B/, _kCFStreamErrorCodeKey=-9843, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “server-prod.name-cloud.com” which could put your confidential information at risk.}
I read all the relevant docs, we apply all the requirements in "Common Failures" section.
More details:
the errors received only from Germany(except 4 times in the past 2W that was from Italy)
It is not reproducible in house
Eventually after tons of retries the uploads go throw
This was received booth in iOS 10.x.x & 9.x.x
I use amazon servers with 2016-08 SSL Security Policies,
so according to apple it should be OK
In the app I use:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
note - in production I always use HTTP’s, I leave the NSAllowsArbitraryLoads because some testers offshore can switch the rout to HTTP for debugging.
For the devs who are working with a server locally and need to get the iOS Simulator to trust the certificate. Follow the steps below:
Get the .cer file by exporting the certificate from the Keychain. You need the certificate file in a valid format and its easiest to get this by
exporting it from the Keychain.
Drag and drop the aforementioned .cer file onto the simulator. It should give you a prompt on installing a "Profile". Go ahead and follow the instructions to install it.
For those who are working with the latest versions of Xcode and iOS Simulator. You need to do 1 last step. The Simulator must be explicitly told to trust the root CA. Do this by going to General -> About -> Certificate Trust Settings -> "Enable Full Trust for Root Certificate" for your particular certificate
Hopefully, this saves headaches for some people!
If you're on a work laptop with any kind of security measures, the SSL certs may be getting inspected / MITM'd by the endpoint protection.
Try opening any web page in mobile Safari. I get these same NSURLErrorDomain Code=-1202 errors there as I do for https API requests from Xcode in iOS Simulator.
Solution will be to turn off this security feature...
Or install a certificate: https://developer.apple.com/library/archive/qa/qa1948/_index.html
Similar issue is asked here: iOS Simulator not works on https, all https are evaluated as not trusted
It took a lot of time for me to find a fix for this:
If any of us ran across the certificate issue,.
It is because of antivirus preventing iPhone simulator to browse any websites.I was able to fix this issue by the following steps:
uninstall or turn off Antivirus in Mac.
erase all content and settings of simulator.
restart mac.
I've got my Xcode server setup on a mac mini. Downloading the .ipa from https://pandora.local/xcode/ using Itunes works just fine.
I tried installing it directly from the phone from safari. It installs a certificate but when I click install it gives an error, saying that it can't connect to the server.
For the mention issue, I got solved by going into iphone settings -> general - > About - > Scroll to the bottom , Click on Certificate Trust Settings -> trun on for Xcode Server Root Certificate Authority. See screenshot.
had the exact same issue and it was a browser caching issue on Safari.
I went into Settings -> Safari -> Advanced -> Website Data, then left swiped on my Xcode server website to reveal the Delete button and clicked on it for just that website.
The next time I browsed to the Xcode server in Safari and attempted to install a build, I received the prompt to install the OTA certificate and when accepted done that I could install applications.
I tried the same, deleting the Website Data for my xcode server, but that did not actually work for me.
See my answer at Xcode bot install link request time out for an alternative solution.
you can get the answer offical description,
In iOS 10.3 and later, when you manually install a profile that contains a certificate payload, that certificate isn't automatically trusted for SSL.
You must manually turn on trust for SSL when you install a profile that is sent to you via email or downloaded from a website.
If you want to turn on SSL trust for that certificate, go to Settings > General > About > Certificate Trust Settings. Under "Enable full trust for root certificates," turn on trust for the certificate.
Apple recommends deploying certificates via Apple Configurator or Mobile Device Management (MDM). Certificate payloads installed with Configurator, MDM, or as part of an MDM enrollment profile are automatically trusted for SSL.