iOS9 getting error “an SSL error has occurred and a secure connection to the server cannot be made”
IosSsl CertificateApp Transport-SecurityIos Problem Overview
Since I upgraded my existing project with iOS 9, I keep getting the error :
> An SSL error has occurred and a secure connection to the server cannot be made.
Ios Solutions
Solution 1 - Ios
For the iOS9, Apple made a radical decision with iOS 9, disabling all unsecured HTTP traffic from iOS apps, as a part of [App Transport Security (ATS)][1].
To simply disable ATS, you can follow this steps by open Info.plist, and add the following lines:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
[1]: https://forums.developer.apple.com/thread/6767 "App Transport Security (ATS)"
Solution 2 - Ios
Even though allowing arbitrary loads (NSAllowsArbitraryLoads = true) is a good workaround, you shouldn't entirely disable ATS but rather enable the HTTP connection you want to allow:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>yourserver.com</key>
<dict>
<!--Include to allow subdomains-->
<key>NSIncludesSubdomains</key>
<true/>
<!--Include to allow HTTP requests-->
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<!--Include to specify minimum TLS version-->
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
</dict>
</dict>
</dict>
Solution 3 - Ios
If you are just targeting specific domains you can try and add this in your application's Info.plist:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>example.com</key>
<dict>
<key>NSExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSIncludesSubdomains</key>
<true/>
</dict>
</dict>
</dict>
Solution 4 - Ios
iOS 9 forces connections that are using HTTPS to be TLS 1.2 to avoid recent vulnerabilities. In iOS 8 even unencrypted HTTP connections were supported, so that older versions of TLS didn't make any problems either. As a workaround, you can add this code snippet to your Info.plist:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
*referenced to App Transport Security (ATS)
Solution 5 - Ios
It appears that iOS 9.0.2 breaks requests to valid HTTPS endpoints. My current suspicion is that it is requiring SHA-256 certs or it fails with this error.
To reproduce, inspect your UIWebView with safari, and try navigating to an arbitrary HTTPS endpoint:
location.href = "https://d37gvrvc0wt4s1.cloudfront.net/js/v1.4/rollbar.min.js"
// [Error] Failed to load resource: An SSL error has occurred and a secure connection to the server cannot be made. (rollbar.min.js, line 0)
Now try going to google (because of course they have a SHA-256 cert):
location.href = "https://google.com"
// no problemo
Adding an exception to transport security (as outlined by @stéphane-bruckert's answer above) works to fix this. I also assume that completely disabling NSAppTransportSecurity would work too, though I've read that completely disabling it can jeopardize your app review.
[EDIT] I've found that simply enumerating the domains I'm connecting to in the NSExceptionDomains dict fixes this problem, even when leaving NSExceptionAllowsInsecureHTTPLoads set to true. :\
Solution 6 - Ios
The problem is the ssl certificate on server side. Either something is interfering or the certificate doesn't match the service. For instance when a site has a ssl cert for www.mydomain.com while the service you use runs on myservice.mydomain.com. That is a different machine.
Solution 7 - Ios
I get the same error when I specify my HTTPS URL as : https://www.mywebsite.com . However it works fine when I specify it without the three W's as : https://mywebsite.com .
Solution 8 - Ios
In my case I faced this issue in my simulator because my computer's date was behind of current date. So do check this case too when you face SSL error.
Solution 9 - Ios
I was getting below error on playback
finished with error [-1200] Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSErrorFailingURLStringKey=https://remote-abcabc-svc.an.abc.com:1935/abr/_definst_/smil:v2/video/492F2F82592F59EA74ABAA6B9D6E6F42/F6B1BD452132329FBACD32730862CAE0/091EAD80FE9BEDD52A2F33840CA3CBAC.v3.eng.smil/playlist.m3u8, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <692A1174-DA1C-4267-9560-9020A79F8458>.<1>, _NSURLErrorRelatedURLSessionTaskErrorKey=(
"LocalDataTask <692A1174-DA1C-4267-9560-9020A79F8458>
I made sure that I added entry in exception domains in plist file and NSAllowsArbitraryLoads is set to true and still I was seeing an error.
Then I realized that I am playing URL with https and not http.
I set video url to http and problem solved.
Solution 10 - Ios
Xcode project -> goto info.plist and Click + Button then Add (App Transport Security Settings)Expand, Allow Arbitrary Loads Set YES. Thanks
Solution 11 - Ios
My issue was NSURLConnection and that was deprecated in iOS9 so i changed all the API to NSURLSession and that fixed my problem.
https://stackoverflow.com/questions/32441229/nsurlconnection-deprecated-in-ios9
Solution 12 - Ios
I was getting this error for some network calls and not others. I was connected to a public wifi. That free wifi seemed to bee tampering with certain URLs and hence the error.
When I connected to LTE that error went away!
Solution 13 - Ios
Using this site, I entered the address of the server to which I made the request and added the generated SHA key to the info.plist.
https://www.ssllabs.com/ssltest/index.html
<key>NSAppTransportSecurity</key>
<dict>
<key>NSPinnedDomains</key>
<dict>
<key>Your domain here (www.api.com)</key>
<dict>
<key>NSPinnedLeafIdentities</key>
<array>
<dict>
<key>SPKI-SHA256-BASE64</key>
<string>******pfbtB5iNouq********rC8Nrb+AmLFKxV7qgM=</string>
</dict>
</array>
</dict>
</dict>
</dict>
Solution 14 - Ios
In my case I had network sniffing apps such as Charles Proxy or Proxyman open. 臘