app-transport-security

问题 I'm having trouble with making a connection to an API over HTTPS/SSL. I've completely disabled App Transport Security (ATS) using the below dictionary (despite the fact that the SSL certificate passes all the tests from NSCURL). <dict> <key>NSAllowsArbitraryLoads</key> <true/> </dict> </plist> BUT: There's still an SSL Handshake error (below) that, when Googled, only suggests it's to do with App Transport Security. NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)

问题 I was wondering how a sample app (https://developer.apple.com/library/ios/samplecode/sc1791/Introduction/Intro.html) from Apple was able to establish "clear" http connection without any App Transport Security exception. I thought initially that it was the AVFoundation automatic exception for encrypted HLS mentioned during the WWDC 2016 (lecture 706). But I can't reproduce it with my app. There seems to be an automatic ATS exception for clear http request to *.apple.com. The very simple ios

问题 Apple announced “App Transport Security” for iOS 9 and OSX 10.11 El Capitan. The “What’s New in iOS” guide for iOS 9 explains: App Transport Security (ATS) lets an app add a declaration to its Info.plist file that specifies the domains with which it needs secure communication. ATS prevents accidental disclosure, provides secure default behavior, and is easy to adopt. You should adopt ATS as soon as possible, regardless of whether you’re creating a new app or updating an existing one. If we

问题 My app which works great under iOS8 no longer runs under iOS9. The problem is that despite having the following in my .plist file: <key>NSAppTransportSecurity</key> <dict> <!--Include to allow all connections (DANGER)--> <key>NSAllowsArbitraryLoads</key> <true/> </dict> The following code: NSURL *targetURL = [NSURL URLWithString:_caseStudyListTitleURL]; NSURLRequest *request = [NSURLRequest requestWithURL:targetURL]; [_myWebView loadRequest:request]; results in the error: NSURLSession

问题 I've got an iOS app which uses SSL/HTTPS to communicate with a server. The server is providing a certificate that works over TLSv1.2 (the main requirement of App Transport Security). An example URL that demonstrates this (where the TLSv1.2 can be verified by checking the certificate) is https://api.branon.co.uk/checkOnline. However, the app is throwing errors relating to the App Transport Layer - errors that, when Googled - imply it's because the server isn't working over TLSv1.2. An example

问题 Couple of questions: Do I still need to add NSAppTransportSecurity feature to my info.plist if my servers are already running TLS1.2? If yes, why? shouldn't all apple devices runniNG iOS9 or >iOS10.11 versions be okay with the TLS1.2 setting? What is forward secrecy? why do I need to enable or disable it for specific domains? what are cipher suits? 回答1: The Min TLS version in your Info.plist is only needed if your server does not support at least TLS 1.2. If your server is TLS 1.2, you won't

问题 I've spent a while trying to get this working. I have an API that I'm connecting to that i'm trying to switch to SSL with self signed certificates. I have control on the server and app. I generated a self signed cert according to this: https://kyup.com/tutorials/create-ssl-certificate-nginx/ sudo openssl genrsa -des3 -out ssl.key 2048 sudo openssl req -new -key ssl.key -out ssl.csr sudo cp ssl.key ssl.key.orig & sudo openssl rsa -in ssl.key.orig -out ssl.key sudo openssl x509 -req -days 365

问题 I am attempting to make POST requests to a secure server in my app, without a certificate. When I make a request I'm getting these errors in the console: 2018-04-24 16:14:22.942030-0400 TIC TCP Conn Failed [8:0x60000017c440]: 1:54 Err(54) 2018-04-24 16:14:22.942779-0400 Task <1E09E1AE-CE51-48C4-9A56-F3738B8FD68F>.<1> HTTP load failed (error code: -1005 [1:54]) 2018-04-24 16:14:22.943219-0400 [93037:8075678] Task <1E09E1AE-CE51-48C4-9A56-F3738B8FD68F>.<1> finished with error - code: -1005 In

问题 My question is related to Apple Transport Security (ATS) and I am too much confused. I want to support all the protocols (all version of TLS and SSL) in my swift app. If I change NSAllowsArbitraryLoads to false, will app work on all protocols by default? Or do I have to specify domain in configuration and add NSExceptionMinimumTLSVersion? <key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <false/> <key>NSExceptionDomains</key> <dict> <key>your.servers.domain.here</key>

问题 Hi I have an app that works fine in ios 9 and 10.0 (I have add the App Transport Security blocking with “Allow Arbitrary Loads = YES” to my info.plist. But after upgrade to 10.1 and Xcode 8.1 there seem to be a problem with the App Transport Security. I can not connect to server. My server only support up to TLS 1.1 Showing this error Error Domain=NSURLErrorDomain Code=-1022 "The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.