iOS 9.3:发生 SSL 错误，无法与服务器建立安全连接

本文介绍了iOS 9.3:发生 SSL 错误，无法与服务器建立安全连接的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我在使用自签名证书时遇到以下错误

Error Domain=NSURLErrorDomain Code=-1200 "发生 SSL 错误并且无法与服务器建立安全连接.

同时为我的一个演示应用程序测试网络服务

• iOS 9.3
• XCode 7.3
• Swift 2.2
• Alamofire 3.3.0
• 和本地服务器:filename.hostname

注意: 在假设它是重复的之前，我会要求请一直阅读它，即使我已经向苹果开发论坛报告过

使用 Alamofire 库

func testAlamofireGETRequest() ->空白{Alamofire.request(.GET, "filename.hostname/HelloWeb/service/greeting/john").responseJSON{ 回应打印(响应JSON:(响应.结果.值)")}}

使用 NSURLSession

func testNSURLSessionRequest() ->空白 {让会话 = NSURLSession.sharedSession()让 urlString = "filename.hostname/HelloWeb/service/greeting/john"让 url = NSURL(string: urlString)让请求 = NSURLRequest(URL: url!)让 dataTask = session.dataTaskWithRequest(request) { (data:NSData?, response:NSURLResponse?, error:NSError?) ->作废打印(完成，错误:(错误)")//Error Domain=NSURLErrorDomain Code=-1200 "发生 SSL 错误，无法与服务器建立安全连接.}dataTask.resume()}

我花了两天没有运气:(

已经发布了一堆问题，但没有对我有用

• 传输安全阻止了明文 HTTP
• iOS9 出现错误发生了 ssl 错误，无法与服务器建立安全连接"
• 如何在 iOS 9 中启用 App Transport Security 的情况下加载 HTTP URL?[重复]
• CFNetwork SSLHandshake 在 iOS 9 中失败
• 如何在 iOS 中处理CFNetwork SSLHandshake failed"
• 在 iOS 9 中使用 self-发出 HTTPS 请求签名证书
• ios9 自签名证书和应用传输安全

已发布 Alamofire git 问题

• 执行非 SSL 请求时出现CFNetwork SSLHandshake 失败 (-9847)"错误 #538
• 不接受自签名证书#876
• 如何使用自签名证书文件将我的服务器作为 HTTPS 连接 #977

我的 Info.pist 文件以这种方式针对 ATS 设置进行更新

NSAppTransportSecurity<字典><key>NSExceptionDomains</key><字典><key>filename.hostname</key><字典><key>NSExceptionRequiresForwardSecrecy</key><假/><key>NSExceptionAllowsInsecureHTTPLoads</key><真/><key>NSIncludesSubdomains</key><真/><key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key><真/></dict></dict></dict>

同时我能够得到回复

filename.hostname

和google

但不适用于filename.hostname

谁能告诉我为什么经过巨大的努力后我还是不能让它工作?

解决方案

在 OS X 的命令行中，运行以下命令:

nscurl --ats-diagnostics filename.hostname --verbose

这将告诉您哪些 ATS 设置组合将允许和不允许 iOS 访问您的网站，并应指出您的网站有什么问题.

可能是以下一项或多项

• 证书哈希算法(必须是 SHA-256 或以上)
• TLS 版本(必须是 1.2)
• TLS 算法(必须提供完美的前向保密)

I am getting following error with self signed certificate

Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made.

while testing web-services for one of my demo app with

• iOS 9.3
• XCode 7.3
• Swift 2.2
• Alamofire 3.3.0
• and Local server : filename.hostname

Note: before assuming its Duplicate, I would request please read it all the way,even same i have reported to apple dev forums

Using Alamofire Library

func testAlamofireGETRequest() -> Void { Alamofire.request(.GET, "filename.hostname/HelloWeb/service/greeting/john") .responseJSON { response in print("Response JSON: (response.result.value)") } }

Using NSURLSession

func testNSURLSessionRequest() -> Void { let session = NSURLSession.sharedSession() let urlString = "filename.hostname/HelloWeb/service/greeting/john" let url = NSURL(string: urlString) let request = NSURLRequest(URL: url!) let dataTask = session.dataTaskWithRequest(request) { (data:NSData?, response:NSURLResponse?, error:NSError?) -> Void in print("done, error: (error)") //Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made. } dataTask.resume() }

I spent 2 days with no luck :(

there are bunch of questions already posted but nothing worked for me

• Transport Security has Blocked a cleartext HTTP
• iOS9 getting error "an ssl error has occurred and a secure connection to the server cannot be made"
• How do I load an HTTP URL with App Transport Security enabled in iOS 9? [duplicate]
• CFNetwork SSLHandshake failed iOS 9
• How to handle "CFNetwork SSLHandshake failed" in iOS
• Making HTTPS request in iOS 9 with self-signed certificate
• ios9 self signed certificate and app transport security

posted Alamofire git issue

• 'CFNetwork SSLHandshake failed (-9847)' error when performing a non-SSL request #538
• Self-Signed Certificate not accepted #876
• how can I connecting my server as HTTPS with using self-signed Certificate file #977

My Info.pist file is updated for ATS settings this way

<key>NSAppTransportSecurity</key> <dict> <key>NSExceptionDomains</key> <dict> <key>filename.hostname</key> <dict> <key>NSExceptionRequiresForwardSecrecy</key> <false/> <key>NSExceptionAllowsInsecureHTTPLoads</key> <true/> <key>NSIncludesSubdomains</key> <true/> <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key> <true/> </dict> </dict> </dict>

Meanwhile I am able to get response for

filename.hostname

and google

but not for filename.hostname

Can anyone please suggest me why I am not able to get this working after huge efforts?

解决方案

At the command-line in OS X, run the following:

nscurl --ats-diagnostics filename.hostname --verbose

This will tell you what combinations of ATS settings will and will not permit iOS to access your site, and should point you towards what is wrong with your site.

It could be one or more of the following

• Certificate hash algorithm (must be SHA-256 or above)
• TLS version (must be 1.2)
• TLS algorithms (must provide Perfect Forward Secrecy)