App Transport Security: NSURLSession/NSURLConnection HTTP load failed

Question

I have this code:

func loginWithBasicAuth() -> Void {

    let usernameText = username.text
    let passwordText = password.text

    let credentialData = "\(usernameText):\(passwordText)".dataUsingEncoding(NSUTF8StringEncoding)
    let base64Credentials = credentialData?.base64EncodedStringWithOptions([])
    let headers = ["Authorization": "HTTP Basic \(base64Credentials)"]

    Alamofire.request(.GET, "https://api.domainname.com/v0.1/", headers: headers).responseString { aResponse in

        if let receivedString = aResponse.result.value {

            print(receivedString)

        } else {

            print("Login failed.")

        }
    }
}

In the console it prints:

NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802) Login failed.

Here's the configuration in the info.plist file：

What's wrong？

try NSTemporaryExceptionRequiresForwardSecrecy = NO in your exception domain — Warren Burton
Add this key NSIncludesSubdomains to api.domainname.com dictionary.And set it to YES to include subdomains — Leo
@Leo No, doesn't work. Is it something wrong with the Exception Domains format? — Bright Future
I notice that your request is https,it seems that it is not the problem of App Transport Security. Does your api server have valid Certificate? — Leo

Marcos Crispino Marcos Crispino · Accepted Answer · 2015-10-20T13:53:53

I'm not sure NSThirdPartyExceptionAllowsInsecureHTTPLoads is the right key to use when the connection is via HTTPS. You should probably use NSThirdPartyExceptionMinimumTLSVersion or NSThirdPartyExceptionRequiresForwardSecrecy.

I would highly recommend reading the App Transport Security Technote document, specially the Diagnosing Connection Issues section.

There is a tool that may help you diagnose your domain:

/usr/bin/nscurl --ats-diagnostics [--verbose] URL

App Transport Security: NSURLSession/NSURLConnection HTTP load failed

3 Answers