Since I upgraded my existing project with iOS 9, I keep getting the error :
An SSL error has occurred and a secure connection to the server cannot be made.
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
For the iOS9, Apple made a radical decision with iOS 9, disabling all unsecured HTTP traffic from iOS apps, as a part of App Transport Security (ATS).
To simply disable ATS, you can follow this steps by open Info.plist, and add the following lines:
NSAppTransportSecurity NSAllowsArbitraryLoads 回答2:
Even though allowing arbitrary loads (NSAllowsArbitraryLoads = true) is a good workaround, you shouldn't entirely disable ATS but rather enable the HTTP connection you want to allow:
NSAppTransportSecurity NSExceptionDomains yourserver.com NSIncludesSubdomains NSTemporaryExceptionAllowsInsecureHTTPLoads NSTemporaryExceptionMinimumTLSVersion TLSv1.1 回答3:
iOS 9 forces connections that are using HTTPS to be TLS 1.2 to avoid recent vulnerabilities. In iOS 8 even unencrypted HTTP connections were supported, so that older versions of TLS didn't make any problems either. As a workaround, you can add this code snippet to your Info.plist:
NSAppTransportSecurity NSAllowsArbitraryLoads *referenced to App Transport Security (ATS)
回答4:
If you are just targeting specific domains you can try and add this in your application's Info.plist:
NSAppTransportSecurity NSExceptionDomains example.com NSExceptionRequiresForwardSecrecy NSIncludesSubdomains 回答5:
It appears that iOS 9.0.2 breaks requests to valid HTTPS endpoints. My current suspicion is that it is requiring SHA-256 certs or it fails with this error.
To reproduce, inspect your UIWebView with safari, and try navigating to an arbitrary HTTPS endpoint:
location.href = "https://d37gvrvc0wt4s1.cloudfront.net/js/v1.4/rollbar.min.js" // [Error] Failed to load resource: An SSL error has occurred and a secure connection to the server cannot be made. (rollbar.min.js, line 0) Now try going to google (because of course they have a SHA-256 cert):
location.href = "https://google.com" // no problemo Adding an exception to transport security (as outlined by @stéphane-bruckert's answer above) works to fix this. I also assume that completely disabling NSAppTransportSecurity would work too, though I've read that completely disabling it can jeopardize your app review.
[EDIT] I've found that simply enumerating the domains I'm connecting to in the NSExceptionDomains dict fixes this problem, even when leaving NSExceptionAllowsInsecureHTTPLoads set to true. :\
回答6:
I get the same error when I specify my HTTPS URL as : https://www.mywebsite.com . However it works fine when I specify it without the three W's as : https://mywebsite.com .
回答7:
The problem is the ssl certificate on server side. Either something is interfering or the certificate doesn't match the service. For instance when a site has a ssl cert for www.mydomain.com while the service you use runs on myservice.mydomain.com. That is a different machine.
回答8:
Xcode project -> goto info.plist and Click + Button then Add (App Transport Security Settings)Expand, Allow Arbitrary Loads Set YES. Thanks