0

Im trying to send data in JSON format on a server with self-signed cert from my iOS app via Objective C. Unfortunately I get this error:

NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9807)

On this thread: NSURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813) iOS I have found out I should add this code in my info.plist file, but it is not working for me. Btw when I remove it i got same error with number 9802.

<key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true/> </dict>

I have also tried to implement this:

- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential *))completionHandler{
if([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]){
    if([challenge.protectionSpace.host isEqualToString:@"mydomain.com"]){
        NSURLCredential *credential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
        completionHandler(NSURLSessionAuthChallengeUseCredential,credential);
    }
}

}

but I don't know how to call this method (where to get values for parameters of this function) - now I'm using 

[[session dataTaskWithRequest:request completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
    NSString *requestReply = [[NSString alloc] initWithData:data encoding:NSASCIIStringEncoding];
    NSLog(@"requestReply: %@", requestReply);
}] resume];

to start the session.

Im still a beginner so please sorry me if I ask some stupid question, or if something is unclear. Thanks for help!

Community
  • 1
  • 1
Lolipop52
  • 25
  • 8

1 Answers1

0

Also required is for the app to support IPV6 including not using hard-coded IP addresses. Suggested is to use NSURLSession. Otherwise exception additions must be made in the app plist.

See the WWDC-15 session "Security and your Apps".

iOS9 requires the server to only support TLSv1.2 and support perfect forward security.

Also see Steven Peterson's Blog for detailed reference.

Hope this helps.

Ronak Chaniyara
  • 5,335
  • 3
  • 24
  • 51
  • Thank you for a reply. However I still don't really know what Im doing wrong. Is TLSv1.2 must in? - I thought its bypassed by NSAllowsArbitraryLoads. Is there somewhere reference of errors (what the error actually mean?) – Lolipop52 Nov 19 '15 at 20:17