[ad_1]
I am attempting to arrange a safe dev setting on my Mac.
I’ve outlined a dummy area in /and so forth/hosts.
I’ve put in the next self generated root CA on the simulator:
Issued To
Frequent Title (CN) ****.com
Group (O) ****
Organizational Unit (OU)
Issued by
Frequent Title (CN) ****.com
Group (O) ****
Organizational Unit (OU)
Validity Interval
Issued On Wednesday, November 8, 2023 at 9:02:43 AM
Expires On Saturday, November 5, 2033 at 9:02:43 AM
SHA 256 Fingerprints
Certificates f2ed…62f7
Public Key abcf…4773
I’ve put in it by downloading the cert (.pem) file, putting in it after which going to settings|common|about… to allow it. Identical to Apple suggests.
It really works wonderful on Safari Cellular. Nonetheless, once I attempt the identical from my app I get:
2023-11-19 10:42:03.825404+0200 TestApp[22919:2996532] ATS failed system belief
2023-11-19 10:42:03.825475+0200 TestApp[22919:2996532] Connection 1: system TLS Belief analysis failed(-9802)
2023-11-19 10:42:03.825559+0200 TestApp[22919:2996532] Connection 1: TLS Belief encountered error 3:-9802
2023-11-19 10:42:03.825612+0200 TestApp[22919:2996532] Connection 1: encountered error(3:-9802)
2023-11-19 10:42:03.826104+0200 TestApp[22919:2996532] Process <B0C44DAC-4B59-44D5-891C-5B8BE21C3938>.<1> HTTP load failed, 0/0 bytes (error code: -1200 [3:-9802])
2023-11-19 10:42:03.829664+0200 TestApp[22919:2996532] Process <B0C44DAC-4B59-44D5-891C-5B8BE21C3938>.<1> completed with error [-1200] Error Area=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a safe connection to the server can't be made." UserInfo={NSLocalizedRecoverySuggestion=Would you want to connect with the server anyway?, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=(
"<cert(0x131811800) s: ****.com i: ****.com>"
), NSErrorClientCertificateStateKey=0, NSErrorFailingURLKey=https://****.com/, NSErrorFailingURLStringKey=https://****.com/, NSUnderlyingError=0x6000030481e0 {Error Area=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x600000f240a0>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerCertificates=(
"<cert(0x131811800) s: ****.com i: ****.com>"
)}}, _NSURLErrorRelatedURLSessionTaskErrorKey=(
"LocalDataTask <B0C44DAC-4B59-44D5-891C-5B8BE21C3938>.<1>"
), _kCFStreamErrorCodeKey=-9802, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <B0C44DAC-4B59-44D5-891C-5B8BE21C3938>.<1>, NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x600000f240a0>, NSLocalizedDescription=An SSL error has occurred and a safe connection to the server can't be made.}
Error Area=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a safe connection to the server can't be made." UserInfo={NSLocalizedRecoverySuggestion=Would you want to connect with the server anyway?, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=(
"<cert(0x131811800) s: ****.com i: ****.com>"
), NSErrorClientCertificateStateKey=0, NSErrorFailingURLKey=https://****.com/, NSErrorFailingURLStringKey=https://****.com/, NSUnderlyingError=0x6000030481e0 {Error Area=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x600000f240a0>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerCertificates=(
"<cert(0x131811800) s: ****.com i: ****.com>"
)}}, _NSURLErrorRelatedURLSessionTaskErrorKey=(
"LocalDataTask <B0C44DAC-4B59-44D5-891C-5B8BE21C3938>.<1>"
), _kCFStreamErrorCodeKey=-9802, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <B0C44DAC-4B59-44D5-891C-5B8BE21C3938>.<1>, NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x600000f240a0>, NSLocalizedDescription=An SSL error has occurred and a safe connection to the server can't be made.}
I’ve thought-about the data.plist and disabled NSAllowsArbitraryLoads.
I’ve additionally tried the identical request with a regular area (e.g. google) and it really works wonderful with no errors.
[ad_2]