AFNetworking SSL certificate fail iOS

4
votes

I spent a lot of time searching for answer but still no luck, so I decided to give up and ask for community help:

1 I have a dev server with self-signed cert

2 Yes I did used policy.allowInvalidCertificates = YES;

3 SSL is on custom port 44302

4 I need to run a download task cause request returns a data stream

Here is my code:

NSURLSessionConfiguration *configuration = [NSURLSessionConfiguration defaultSessionConfiguration];
AFURLSessionManager *manager = [[AFURLSessionManager alloc] initWithSessionConfiguration:configuration];
AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeNone];
policy.allowInvalidCertificates = YES;
manager.securityPolicy = policy;

NSURL *URL = [NSURL URLWithString:[NSString stringWithFormat:@"https://self_signed_cert.net:44302/storage/%@/action.download", _ticketId]];
NSURLRequest *request = [NSURLRequest requestWithURL:URL];
NSURLSessionDataTask *dataTask = [manager dataTaskWithRequest:request completionHandler:^(NSURLResponse *response, id responseObject, NSError *error) {
    if (error) {
        NSLog(@"Error: %@", error);
    } else {
        NSLog(@"%@ %@", response, responseObject);
    }
}];
[dataTask resume];

Here is the error:

2015-08-03 18:18:15.901 SSL_TEST[1517:23943] Error: Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo=0x787d2f20 {NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorCodeKey=-9806, NSErrorFailingURLStringKey=https://self_signed_cert.net:44302/storage/a430f316cfe076e9850874c0edad3dcb/action.download, _kCFStreamErrorDomainKey=3, NSUnderlyingError=0x787da700 "The operation couldn’t be completed. (kCFErrorDomainCFNetwork error -1200.)", NSErrorFailingURLKey=https://self_signed_cert.net:44302/storage/a430f316cfe076e9850874c0edad3dcb/action.download}

will be appreciate for your help! Thanks.

1
iossslssl-certificateafnetworking-2
Did you solve your problem? I'm experiencing the same...Raphaël Pinto
We moved upload and download to http, it still not works, sryitworksinua

1 Answers

0
votes

I've tried on an empty project, it works on the App :

NSURL* lBaseURL = [NSURL URLWithString:@"https://myDomain/"];
    AFHTTPSessionManager* lSessionManager = [[AFHTTPSessionManager alloc] initWithBaseURL:lBaseURL
                                              sessionConfiguration:[NSURLSessionConfiguration defaultSessionConfiguration]];


    AFSecurityPolicy* lPolicy= [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
    lPolicy.allowInvalidCertificates = YES;

    lSessionManager.securityPolicy = lPolicy;


    [lSessionManager GET:@"https://myDomain/api/"
              parameters:nil
                 success:^(NSURLSessionDataTask * _Nonnull task, id  _Nonnull JSON)
     {
         NSLog(@"success %@", JSON);
     }
                 failure:^(NSURLSessionDataTask * _Nonnull task, NSError * _Nonnull error)
     {
         NSLog(@"failure %@", error);
     }];
  • Don't forget to add to your target (in the App AND in the watch App) your .cer file
  • Activate ATS into the .plist NSAppTransportSecurity

But I'm stuck with the watchOS 2.0 extension. It just fail with this error :

Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSErrorFailingURLKey=https://myDomain/api, _kCFStreamErrorCodeKey=-9802, NSErrorFailingURLStringKey=https://myDomain/api, NSErrorClientCertificateStateKey=0, _kCFStreamErrorDomainKey=3, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made.}