HTTPSocket Secure issue

Targets iOS
1

Hi all,

Having an issue with the iOS HTTPSocket. I saw from the Beta channel that Apple now require secure connections. As I develop, I’m serving the API stuff using Laravel’s Valet in secure mode. Chrome and Paws report it a valid certificate and fat and happy.

However HTTPSockets barfs. If Have ValidateCertificates=True I get a NSURL Error, if I have ValidateCertificates=False, I receive an SSL error.

I stopped Laravel Valet and fired up MAMP PRO with a self signed certificate, get an SSL error on both ValidateCertificates True or False.

I saw some info about using info.plist to allow unsecure connections. I copied that into my project but it doesn’t seem to work.

How can I get my development local version to work (I’m ok with unsecure locally).

The public version which is secured by Lets Encrypt works fine!

Thanks

2

Assuming you’re getting an exception, click on the exception in the debugger and see what the actual error is.

3

No exception, I just catch this in the httpsocket.error event. If I don’t have that event it just sits there in forever land.

err.Reason gives this “An SSL error has occurred and a secure connection to the server cannot be made”

I’m not able to recreate the NSURL error this morning, ValidateCertificates True and False give the SSL error.

4

Could you show us exactly what the url is that you are using?

Or better yet, file a bug report?

5

[quote=277701:@Greg O’Lone]Could you show us exactly what the url is that you are using?

Or better yet, file a bug report?[/quote]

I’ll need to dig more. It’s an internal web server on my dev laptop. I use either MAMP PRO with a self-certified certificate or Laravel’s Valet (I used laravel to create the web service API. ).

Chrome warns me that the MAMP PRO served certificate may be dodgy (as expected being self certified) but on the Laravel Valet with the site secured, Chrome tells me it’s a valid and happy secure site.

When I get more time I’ll dig on the MAMP side of things. Curious if the Apple SDK really doesn’t like self certified certificates or thinks something is odd with the Valet one. I may knock up something quickly in Swift as well!

Thanks for the response.

6

That said, how do I create/add the info.plist so I can at least use it unsecure for development for know?

Thanks

7

You can create a plist and drag it into the IDE and it will be merged into the plist the IDE generates from everything else

You cant overwrite keys the IDE generates

Or you can use the defaults command to write the extra entitlements into the plist but you need to do that by putting the step between the BUILD and SIGN steps
If you put it after the sign step then you break the code signature IF you have applied one

8

[quote=277731:@Norman Palardy]You can create a plist and drag it into the IDE and it will be merged into the plist the IDE generates from everything else

You cant overwrite keys the IDE generates

Or you can use the defaults command to write the extra entitlements into the plist but you need to do that by putting the step between the BUILD and SIGN steps
If you put it after the sign step then you break the code signature IF you have applied one[/quote]

Thanks. I just need for the debug version. I have a conditional #if DebugBuild for local URL and only need it to apply there. (on proper build I use the production website that is secure and works fine!.

I’ll fiddle away hopefully tonight.

9

I was finally able to get the info.plist to work and allow unsecure from my local webserver. When I get more time I will fiddle with self certified certificates.

However, to help others searching for this, add this to or create the info.plist in your project.

[code]<?xml version="1.0" encoding="UTF-8"?>

NSAppTransportSecurity NSExceptionDomains UNSECUREDOMAIN.COM (YOURS) NSIncludesSubdomains NSTemporaryExceptionAllowsInsecureHTTPLoads [/code]

I’ll mark it solved for now. Thanks