问题
This worked fine for iOS 10.2 and below, but after upgrading to 10.3, when the simulator attempts to connect over HTTPS to the development server running on localhost, the Xcode console outputs the following errors:
NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802)
[] nw_coretls_callback_handshake_message_block_invoke_3 tls_handshake_continue: [-9807]
Printing out the error returned by the URLSessionDataTask shows:
Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x600000527080>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, NSErrorPeerCertificateChainKey=(
"<cert(0x7ff3e1867200) s: localhost i: localhost>"
), NSUnderlyingError=0x60800024e880 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x600000527080>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerCertificates=(
"<cert(0x7ff3e1867200) s: localhost i: localhost>"
)}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://localhost:3000/v1/login, NSErrorFailingURLStringKey=https://localhost:3000/v1/login, NSErrorClientCertificateStateKey=0}
Reference: Apple: Developer: Guides and Sample Code: Technical Note TN2232: HTTPS Server Trust Evaluation
To create a self-signed SSL certificate, I used the following commands:
openssl genrsa -aes256 -passout pass:x -out server.pass.key 2048
openssl rsa -passin pass:x -in server.pass.key -out server.key
rm server.pass.key
openssl req -new -sha256 -key server.key -out server.csr -subj /CN=localhost
openssl x509 -req -sha512 -days 365 -in server.csr -signkey server.key -out server.crt
Source: GitHub - seviu/iOS-SSL-localhost
回答1:
After installing your self-signed SSL certificate (by dragging and dropping it) onto the iPhone Simulator, go to Settings > General > About > Certificate Trust Settings and enable full trust for your certificate.
回答2:
I also had same problem , You have to implement didRecieveChallenge delegate method to handle SSl error
Add below ;one of code in didReceiveChallenge delegate method of URLSession delegate methods or URLConnnection deleagte method.
- (void)URLSession :( NSURLSession *)session didReceiveChallenge :( NSURLAuthenticationChallenge *)challenge completionHandler :( void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * _Nullable credential))completionHandler { NSURLSessionAuthChallengeDisposition lDisposition = NSURLSessionAuthChallengeUseCredential;
NSURLCredential *credential = [[NSURLCredential alloc] init];
if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust) {
credential = [NSURLCredential credentialForTrust: challenge.protectionSpace.serverTrust];
lDisposition = NSURLSessionAuthChallengeUseCredential;
}
completionHandler(lDisposition, credential);}
来源:https://stackoverflow.com/questions/43303168/ios-10-3-simulator-https-localhost-ssl-error