What is the correct way to create a SSL socket connection in iOS?
I've implemented a SSL server in Java by:
creating a SSL certificate with a store password
loading it by setting the system properties "javax.net.ssl.keyStore" and "javax.net.ssl.keyStorePassword"
creating a SSLServerSocket with the SSLServerSocket factory
Now I want to create a client app which opens a socket connection in a thread and communicates over that. What is the proper way to create such a connection and do the communication with my servers certificate?
You can use NSInputStream and NSOutputStream to connect using TLS as per the answer to this question.
EDIT:
Rather than use the SSL settings in that answer, I would suggest this:
NSDictionary *settings = #{
(__bridge NSString *)kCFStreamPropertySocketSecurityLevel:(__bridge NSString *)kCFStreamSocketSecurityLevelNegotiatedSSL
};
This uses the following defaults:
kCFStreamSSLAllowsExpiredCertificates: NO
kCFStreamSSLAllowsAnyRoot: NO
kCFStreamSSLValidatesCertificateChain: YES
If you want to set the security level to use a particular version of SSL or TLS, take a look at the values in CFSocketStream.h.
There is no need to create a certificate if you are making a client app not a server one.
To do it in iOS, there are a number of ways, the simplest is to use AFNetworking library.
Just put the url (https) inside one of its methods, and you are ready.
I used it many times. Just spend 5 mins to read the doc.
Related
I am creating in the application support for the Unwanted Communication Reporting extension. All I found is this guide from Apple: https://developer.apple.com/documentation/sms_and_call_reporting/sms_and_call_spam_reporting and i follow it.
I've done:
Instantiates my ViewController from ILClassificationUIExtensionViewController.
Calls controller’s prepare(for:) method to customize UI.
Create button to notify the system when you have completed gathering information (setting setting isReadyForClassificationResponse property to true.)
Configure classificationResponse(for:) method after pressing Done button.
I want to send a response over the network so I add an associated domain to extension by following this instruction: https://developer.apple.com/documentation/xcode/supporting-associated-domain and advises from interenet.
(Apple documentation supporting associated domain screenshots: https://i.stack.imgur.com/zxroa.png)
Create file apple-app-site-association, use classificationreport instead of webcredentials when specifying the domains.
{
"applinks": {
"apps": [],
"details": [
{
"appID": “XXXX.com.project.UnwantedCommunicationExtension",
"paths": ["*"]
}
]
},
"classificationreport": {
"apps": ["XXXX.com.project.UnwantedCommunicationExtension"]
}
}
Add domain to the entitlement: https://i.stack.imgur.com/38qbn.png
Specify the network endpoint’s address using the ILClassificationExtensionNetworkReportDestination key in extension’s Info.plist file: https://i.stack.imgur.com/C6lbf.png
Create test server and sent the apple-app-site-association file to this server.
Debugging and proxying my app, it doesn’t send any requests to the server. I can’t find any information about what request type should be sent, what data type will the server receive. Can anyone help to find information about it? Maybe advice what I did wrong, what settings should be on the server?
same issue, other person: https://github.com/signalapp/Signal-iOS/issues/2282
We've checked out the Signal-iOS repository and we're trying to make it connect to another server. We're running an instance of the server at signal.appcraft.nl. We've modified the defines in SignalServiceKit/src/TSConstants.h to match our server and we've changed the domains in App Transport Security Settings in /Signal/Signal-Info.plist
We also cloned the Android app and that one we managed to got working just fine. The iOS app seems not to be able to connect to the internet at all without a clear error. The first HTTP call that is done is GET https://signal.appcraft.nl/v1/accounts/sms/code/<MYNUMBER>?client=ios. When we invoke that URL using curl, we get a response (and SMS) just fine. From the app, we receive a Signal was unable to connect to the internet. Please try from another WiFi network or use mobile data. error. We also changed NSAllowsArbitraryLoads to Yes.
We've added a breakpoint in /Signal-iOS/Pods/AFNetworking/AFNetworking/AFHTTPSessionManager.m:292
# /Signal-iOS/Pods/AFNetworking/AFNetworking/AFHTTPSessionManager.m:292
(lldb) expr error
(NSURLError *) $3 = 0x00000001c0244800 domain: #"NSURLErrorDomain" - code: 18446744073709550617
Please advise
I am developing an app for iOS with Swift 3, this application search with the Bonjour service some robots in the local network which use a specific service, for example robot.local and show them in a list. The Bonjour service gives me the domain of the device. This is a example of the domains searched.
Ex.:
robot1.local
robot2.local
The next step, is when the user click an element of the list. This action start a connection by web sockets with the device and connect it for control it with the Iphone. I am using a library called RBManager which use RocketSocket library for connect. This library helps me to connect to RosBridge.
I use this code for connect:
NSURLRequest * request = [NSURLRequest requestWithURL:[NSURL URLWithString:#"wss://192.168.0.100:9090"]];
self.socket = [[SRWebSocket alloc] initWithURLRequest:request];
self.socket.delegate = self;
[self.socket open];
The problem is when I am install the app by Xcode I have not any problem but when I am install the app by an ipa file or by TestFlight the connection is rejected and shows this error:
managerDidFailWithError Optional(ErrorDomain=NSOSTatusErrorDomain
Code=-9807 "(null)" UserInfo={_kCFStreamErrorDomainKey=3,
_kCFStreamErrorCodeKey=-9807})
I found this issue in the library but is not the solution that I need.
I am deactive ATS in the info.plist but I not know how to solve this error. Could anyone help me?
I found the problem. The problem was that my RosBridge backend run with TLS and I didn't implement it.
The solution is implement the authentication in the client and all works :D
I made a javascript cloud app that runs on a webpage in a webview on my iPad app that communicates via WebSocket connection but it only works when im on my http site and not https or else I get an CFNetwork SSLHandshake failed (-9806) error in Xcode and on the website it says time out during handshake.
Is this because the webserver on the iPad is running on HTTP instead of HTTPS?
JAVASCRIPT CLOUD APP
This part in the cloud is working for HTTP when connecting to the web server on the iPad.
var protocol = "ws";
if (this.useSecureConnection)
protocol = "wss";
var url = protocol+'://localhost:'+this.port+'/service';
this.connection = new WebSocket(url);
Xcode iOS iPad App (Objective-C)
I thought that was the issue so I tried to enable HTTPS but I am not sure what to create for the "sslIdentityAndCertificates" method.
- (BOOL)isSecureServer
{
HTTPLogTrace();
// Override me to create an https server...
return YES;
}
/**
* This method is expected to returns an array appropriate for use in kCFStreamSSLCertificates SSL Settings.
* It should be an array of SecCertificateRefs except for the first element in the array, which is a SecIdentityRef.
**/
- (NSArray *)sslIdentityAndCertificates
{
HTTPLogTrace();
return nil;
}
Some of the other posts I have seen use APIs that are only available on Mac and not iOS.
I tried several combinations of ATS permissions as well. All resulted in HTTPS not allowing for WebSocket connection.
Any help is greatly appreciated! :)
I am developing an Chatting app for iOS platform. I am using XMPP framework downloaded from https://github.com/robbiehanson/XMPPFramework.
Initially server was not having certificates installed, it was a plain HTTP service. But now certificate authentication is required because now certificate is installed and need to support HTTPS protocol. I Tried just implementing following method,
- (void)xmppStream:(XMPPStream *)sender didReceiveTrust:(SecTrustRef)trust
completionHandler:(void (^)(BOOL shouldTrustPeer))completionHandler;
But now it is not connecting to that server or certificate validation is not happening.
Any idea apart from above delegate method do we need to set up any other thing ?
To connect to server i am using following method,
- (BOOL)connectWithTimeout:(NSTimeInterval)timeout error:(NSError **)errPtr
Regards,
Bhat
I resolved the above issue by setting the isSecure values as YES.
The following method was not publicly available for other classes in XMPPStream class.
-(void)setIsSecure:(BOOL)flag
By setting the above value am able to connect the port 5223 and SSL handshake works perfectly..
Regards,
Chandrika