I'm sending a simple GET request on an HTTPS url containing a port number. The url looks like this
https://example.com:8080/v1/base
This works perfectly on Android and on any browser..heck even curl. But, I get this error on iOS. If I remove the port number from the above URL, this works perfectly fine!
Error:Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “example.com” which could put your confidential information at risk." UserInfo=0xa694c50 {NSErrorFailingURLStringKey= https://example.com:8080/v1/base , NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSErrorFailingURLKey= https://example.com:8080/api/v1/base , NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “example.com” which could put your confidential information at risk., NSUnderlyingError=0xa2410a0 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “example.com” which could put your confidential information at risk.", NSURLErrorFailingURLPeerTrustErrorKey=}
The SSL certificate was issued by DigiCert. The server backend is node v0.10.15 and iOS SDK v6.1
Any idea what I'm missing here?
Adding requestCert: true
& the CA certificate solved this
var https = require('https'), // module for https
fs = require('fs'); // required to read certs and keys
var options = {
key: fs.readFileSync('ssl/server.key'),
cert: fs.readFileSync('ssl/server.crt'),
ca: fs.readFileSync('ssl/ca.crt'),
requestCert: true,
rejectUnauthorized: false
};
https.createServer(options, function (req, res) {
if (req.client.authorized) {
res.writeHead(200, {"Content-Type": "application/json"});
res.end('{"status":"approved"}');
} else {
res.writeHead(401, {"Content-Type": "application/json"});
res.end('{"status":"denied"}');
}
}).listen(443);
Are you including any additional parent CA certs beyond your own?
Also, does it work if you use a port other than 8080 or 443? And does it work if you listen on 443 and explicitly attempt to request https://example.com:443/v1/base
?
var fs = require('fs');
var httpsOpt = {
key : fs.readFileSync('ssl.plain.key').toString(),
cert : fs.readFileSync('ssl.crt').toString(),
ca:[fs.readFileSync('ca.pem').toString(),
fs.readFileSync('sub.class1.server.ca.pem').toString()],
};
https.createServer(httpsOpt, app)
.listen('8080', function(){
console.log('Listening on 8080')
});
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.