App Transport Security已禁用且仍会收到SSL握手错误 [英] App Transport Security disabled and still getting SSL Handshake Error
问题描述
我在通过HTTPS / SSL建立API连接时遇到问题。我使用下面的字典完全禁用了App Transport Security(ATS)(尽管SSL证书通过了NSCURL的所有测试)。
I'm having trouble with making a connection to an API over HTTPS/SSL. I've completely disabled App Transport Security (ATS) using the below dictionary (despite the fact that the SSL certificate passes all the tests from NSCURL).
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
</plist>
但是:仍然存在SSL握手错误(如下所示),当Google搜索时,只表示要做使用App Transport Security。
BUT: There's still an SSL Handshake error (below) that, when Googled, only suggests it's to do with App Transport Security.
NSURLSession / NSURLConnection HTTP加载失败(kCFStreamErrorDomainSSL,-9813)
我已经创建了一个演示该问题的最小示例项目,可在GitHub上找到( https://github.com/samheather/AppTransportSecurityDemo)。您应该发现在运行项目时它会在几秒钟内崩溃(在尝试在viewDidLoad中建立连接之后直接崩溃)。
I've created a minimal sample project that demonstrates the issue, available on GitHub (https://github.com/samheather/AppTransportSecurityDemo). You should find that on running the project it crashes within a couple of seconds (straight after it tries to make the connection in viewDidLoad).
我尝试连接的域名为 https:/ /demo.heather.sh ,以及具有响应的证书(因此可以查看证书)的示例URL是 https://demo.heather.sh:443/checkOnline 。
The domain that I'm trying to connect to is https://demo.heather.sh, and a sample URL that the certificate that has a response (so the certificate can be viewed) is https://demo.heather.sh:443/checkOnline.
任何人的想法?
谢谢!
Sam
推荐答案
如 iOS App Transport Security不接受TLSv1.2连接并且plists异常没有任何区别,问题是服务器没有提供与中间证书相结合的证书。现在这已经解决了,一切正常:)
As described on iOS App Transport Security not accepting TLSv1.2 connection and plist exceptions not making any difference, the issue was that the server wasn't serving the certificate combined with the Intermediate certificate. Now that this is fixed, everything works :)
正如Anand(上图)所说,检查这个的一个很好的工具是: http://ssllabs.com/ssltest/analyze.html?d=
As Anand (above) says, a great tool to check this is: http://ssllabs.com/ssltest/analyze.html?d=
这篇关于App Transport Security已禁用且仍会收到SSL握手错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!