0

As title says. I have tried using both NSURLSession and Alamofire.

Both are giving me the same errors. I am using the simulator and don't have access to a device. I have limitations and need it to work on the simulator.

I am trying to retrieve userlogin details from the server (again the server i don't have access to as another team is responsible.

let headers = [
    "content-type": "application/json",
    "accept": "application/json",
    "appid": "test",
    "cache-control": "no-cache",
    "postman-token": "xxxx-xxxx-xxxx-xxxx-xxxx"
]
let parameters = ["attributes": [
    "password": "test",
    "devicename": "My smartphone",
    "deviceid": "ABC99999999",
    "email": "xxxx@xxxx.co.uk"
    ]]


do {

    let postData = try NSJSONSerialization.dataWithJSONObject(parameters, options: .PrettyPrinted)

    let request = NSMutableURLRequest(URL: NSURL(string: "https://a-eco-oid-web-ppf-slo-vs-d.stbc2.jstest2.net:443/Identity/rest/appl/test/wflow/auth")!,
                                      cachePolicy: .UseProtocolCachePolicy,
                                      timeoutInterval: 10.0)
    request.HTTPMethod = "POST"
    request.allHTTPHeaderFields = headers
    request.HTTPBody = postData

    let session = NSURLSession.sharedSession()
    let dataTask = session.dataTaskWithRequest(request, completionHandler: { (data, response, error) -> Void in
        if (error != nil) {
            print(error?.localizedDescription)
        } else {
            let httpResponse = response as? NSHTTPURLResponse
            print(httpResponse)
        }
    })

    dataTask.resume()

} catch {

    print(error)
}

The Url is only for internal use so will not work outside our network.

These are the errors that i am getting constantly.

"An SSL error has occurred and a secure connection to the server cannot be made."

"The certificate for this server is invalid. You might be connecting to a server that is pretending to be “a-eco-oid-web-ppf-slo-vs-d.stbc2.jstest2.net” which could put your confidential information at risk."

I have searched and searched online but can not find any solution.

This is what my info.plist looks like:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
    <key>NSExceptionDomains</key>
    <dict>
        <key>a-eco-oid-web-ppf-slo-vs-d.stbc2.jstest2.net</key>
        <dict>
            <key>NSRequiresCertificateTransparency</key>
            <string>NO</string>
            <key>NSThirdPartyExceptionMinimumTLSVersion</key>
            <string>TLSv1.2</string>
            <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
            <string>YES</string>
            <key>NSThirdPartyExceptionAllowInsecureHTTPSLoads</key>
            <false/>
            <key>NSExceptionMinimumTLSVersion</key>
            <string>TLSv1.2</string>
            <key>NSExceptionRequiresForwardSecrecy</key>
            <true/>
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSIncludeSubdomains</key>
            <true/>
        </dict>
    </dict>
</dict>

I have looked at the following posts and applied them already without any success:

How to connect to self signed servers using Alamofire 1.3

iOS 9.3 : An SSL error has occurred and a secure connection to the server cannot be made

iOS9 getting error “an ssl error has occurred and a secure connection to the server cannot be made”

UPDATE 1: I forgot to add that when i used Alamofire, i also tried to ignore the server policies or bypass them via the methods below, again none of them worked :(

let manager : Alamofire.Manager = {
    // Create the server trust policies
    let serverTrustPolicies: [String: ServerTrustPolicy] = [
        "a-eco-oid-web-ppf-slo-vs-d.stbc2.jstest2.net": .DisableEvaluation
    ]
    // Create custom manager
    let configuration = NSURLSessionConfiguration.defaultSessionConfiguration()
    configuration.HTTPAdditionalHeaders = Alamofire.Manager.defaultHTTPHeaders
    let man = Alamofire.Manager(
        configuration: NSURLSessionConfiguration.defaultSessionConfiguration(),
        serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
    )
    return man
}()

let manager = Alamofire.Manager.sharedInstance
manager.delegate.sessionDidReceiveChallenge = { session, challenge in
    var disposition: NSURLSessionAuthChallengeDisposition = .PerformDefaultHandling
    var credential: NSURLCredential?
    if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
        disposition = NSURLSessionAuthChallengeDisposition.UseCredential
        credential = NSURLCredential(forTrust: challenge.protectionSpace.serverTrust!)
    } else {
        if challenge.previousFailureCount > 0 {
            disposition = .CancelAuthenticationChallenge
        } else {
            credential = manager.session.configuration.URLCredentialStorage?.defaultCredentialForProtectionSpace(challenge.protectionSpace)
            if credential != nil {
                disposition = .UseCredential
            }
        }
    }
    return (disposition, credential)
}
Community
  • 1
  • 1
GameDev
  • 445
  • 7
  • 21
  • ohhh...certificate issue at server side. Handshaking is getting fail during service call. You can bypass certificate but ur app will get rejected by Apple. Try to resolve certificate issue at your server. – Gagan_iOS Jun 07 '16 at 10:08
  • It looks like the host name your are accessing is serving an SSL certificate that was issued to a different host name and so is considered to be invalid, confirm this by accessing the url from a browser and looking at the certificate properties. If that is indeed the the case, deploy a new certificate to the server or choose to [ignore SSL errors](http://stackoverflow.com/questions/3766755/ignoring-certificate-errors-with-nsurlconnection) – Alex K. Jun 07 '16 at 10:08
  • Thanks guys for the fast feedback, please see my updated answer as i tried to bypass the server security checks but it still didn't allow this. – GameDev Jun 07 '16 at 10:27
  • What happens when you do: "openssl s_client -connect yourhostname:443" in Terminal on a Mac? That should give you a good idea of what's wrong. BTW, please don't submit an app with TLS validation disabled. :-) – dgatwood Jul 25 '16 at 05:44
  • Thanks, for the help. But yes the issue was on server side with certificates. All solved now :) – GameDev Jul 26 '16 at 09:28

0 Answers0