I am receiving a SSL error in my NSURLConnection class, suddenly from iOS7 GM. I cannot access any of my APIs or webView pages, and is a severe emergency.
Can anybody help me here?
The error is as follows:
NSURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)
I've looked up the error, and it is explained as follows:
errSSLNoRootCert = -9813, /* cert chain not verified by root */
My root certificate for my domain (confirmed via browser access) is
"AddTrust External CA Root".
It is very unlikely that this is not trusted, because:
This root certificate is even listed in "iOS5 and 6: List of trusted root certificates". http://support.apple.com/kb/ht5012
This error has never appeared anytime up to iOS6, and even until iOS7 beta 6. It suddenly appeared in iOS7 GM.
My browser tells me that it is a trusted certificate.
There are no problems with expiration dates for my certificate.
I want to know whether this is a bug in the OS, or whether I have to purchase a certificate of a different root, or whether problems lie elsewhere.
P.S. I have no code around my NSURLConnection for handling authentication challenges.
Try adding the intermediate certificates to your (API's) web server configuration. Most times they are sent along with your real certificate.
It might be that iOS knows (and trusts) the root certificate, but that one (or more) intermediate certificates (between your actual certificate and the real certificate) aren't known. By adding them, iOS can figure out that the chain between your certificate and the root certificate actually exists.
Here is a list of other work-arounds.
Use the Chrome or Puffin web browsers.
Use Safari in private browsing mode.
See: https://discussions.apple.com/thread/5327078?tstart=0
Robert
Not a solution but a workaround if you want to get going for the moment is to override the default behavior of NSURLConnection. Check https://developer.apple.com/library/ios/technotes/tn2232/_index.html#//apple_ref/doc/uid/DTS40012884-CH1-SECNSURLCONNECTION
I had a similar problem except that my error was 9814 i.o 9813. Same situation, worked fine with iOS6 and no longer with iOS7.
The URL I was calling was https://.... I changed it to http://... and it seems to be working fine
Not sure it will work for you but definitely weird
Good luck
来源:https://stackoverflow.com/questions/18756241/receiving-ssl-error-in-ios7-gm-addtrust-external-ca-root-is-not-trusted