After successfully installing a cert on iPhone simulator, I still get an SSL error when hitting my web service
Question
I am developing a web service and iOS app that hits the web service on my local machine. At first, I disabled the cleartext errors for interacting with the service, but now I would like to use https so that my development, test, and prod environments are as similar as possible.
I installed my self-signed cert locally, so going to the site directly is using https just fine:
I have followed the instructions to install a cert in the iPhone simulator:
However, when I hit the web service on my local machine that uses this cert, I still get these error in the console:
2020-10-17 09:59:10.891496-0500 cttios[45481:2146304] [] nw_protocol_get_quic_image_block_invoke dlopen libquic failed
2020-10-17 09:59:10.899475-0500 cttios[45481:2146304] ATS failed system trust
2020-10-17 09:59:10.899583-0500 cttios[45481:2146304] Connection 1: system TLS Trust evaluation failed(-9802)
2020-10-17 09:59:10.899744-0500 cttios[45481:2146304] Connection 1: TLS Trust encountered error 3:-9802
2020-10-17 09:59:10.900077-0500 cttios[45481:2146304] Connection 1: encountered error(3:-9802)
2020-10-17 09:59:10.901405-0500 cttios[45481:2146304] Task <BE791070-705B-4C7D-A1DB-F57BCF1DFBCE>.<1> HTTP load failed, 0/0 bytes (error code: -1200 [3:-9802])
2020-10-17 09:59:10.904343-0500 cttios[45481:2146304] Task <BE791070-705B-4C7D-A1DB-F57BCF1DFBCE>.<1> finished with error [-1200] Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=(
"<cert(0x7ff4ce854600) s: cttweb.test i: Homestead homestead Root CA>"
), NSErrorClientCertificateStateKey=0, NSErrorFailingURLKey=https://cttweb.test/api/v1/login, NSErrorFailingURLStringKey=https://cttweb.test/api/v1/login, NSUnderlyingError=0x600001123ab0 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x600002d55cb0>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerCertificates=(
"<cert(0x7ff4ce854600) s: cttweb.test i: Homestead homestead Root CA>"
)}}, _NSURLErrorRelatedURLSessionTaskErrorKey=(
"LocalDataTask <BE791070-705B-4C7D-A1DB-F57BCF1DFBCE>.<1>"
), _kCFStreamErrorCodeKey=-9802, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <BE791070-705B-4C7D-A1DB-F57BCF1DFBCE>.<1>, NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x600002d55cb0>, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made.}
Login api error: An SSL error has occurred and a secure connection to the server cannot be made.
Optional(["task": ["Login api error: An SSL error has occurred and a secure connection to the server cannot be made."]])
I have tried restarting the simulator after installing the cert, same result. What am I doing wrong?
It looks like I may not be trusting the cert even after installing it, but I can't find a way to trust it.
1 answers
solution1
0 2020-10-17 15:25:46
The problem is that I had the website cert installed, but not the CA cert generated for my local web server installed. That was as easy as dragging the CA root cert into Safari on the simulator.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.