I'm switching from iOS8 to iOS9 and AFNetworking web service calls over HTTPS that worked before no longer work. I'm getting error -1200 and error -9824 The issue is related to using self-signed certificates.
Error Domain=kCFErrorDomainCFNetwork Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSErrorFailingURLStringKey=[server url], NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFNetworkCFStreamSSLErrorOriginalValue=-9824
I see this related question: IOS9 SSL error with NSURLSession, with the following answer, however, the answer is cryptic and does not really tell me how to fix the issue.
ATS trusts only certificate signed by a well known CA, all others are rejected. As a consequence the only solution with a Self signed certificate is to set anexception with NSExceptionDomains.
What is the proper way to update AFNetworking calls to work with HTTPS on iOS9?
In the past I've used numerous workarounds, including a way to respond to NSURLAuthenticationChallenge, however I'm looking for something more definitive.
iOS 9 forces connections that are using HTTPS to be TLS 1.2 to avoid recent vulnerabilities. In iOS 8 even unencrypted HTTP connections were supported, so that older versions of TLS didn't make any problems either. As a workaround, you can add this code snippet to your Info.plist:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
Thereby you're disabling the App Transport Security. Hope that's helpful.
Here's a potential solution, (but still does not work in the case above) How can I add NSAppTransportSecurity to my info.plist file?
Allowing Invalid SSL Certificates
AFHTTPRequestOperationManager *manager = [AFHTTPRequestOperationManager manager];
manager.securityPolicy.allowInvalidCertificates = YES; // not recommended for production
来源:https://stackoverflow.com/questions/32634986/ios9-what-is-the-proper-way-to-update-afnetworking-calls-to-work-with-https-err