NSURLErrorDomain after SSL certificate renewal in iOS app using AFNetwork
Question
We have an old iOS app which was using HTTPS to access the APIs. The app was working fine till a few days ago. The SSL certificate in question expired a few days ago. The app started giving the following error:
Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “xxx.xxx.com” which could put your confidential information at risk."
So we renewed and re-keyed the SSL certificate. Now when I access the HTTPS url from browser (chrome) it works properly and shows the green lock on the left before the url. When I click on the lock icon it shows valid certificate information. But when the same URL is accessed from the App I still get the same error.
The AFNetworking being used is from 2011, since this is an old app. Since the app is already on AppStore, I am looking for a server side fix.
Have you seen something like this before? If yes how did you solve it?
Regards,
Pritam.
1 answers
solution1
1 2015-02-07 03:32:57
Yes I have seen something like this before and the good news it that it IS a server side fix. Browsers often cache third party certs and will therefore ignore minor problems with your certificate chain, which is what appears to be the issue in your case. However, your app code does not trust the certificate chain that your website has given it.
Download an app called SSL detective and use it to query your website for the certificate chain. You will probably see that one of the parts is red/untrusted and you should seek to make sure that the ENTIRE chain is trusted. Chances are, you will need to make some changes to your server side certificate setup.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.