URLConnection SSL Error

I’m getting an error when performing a post:

"An SSL error has occurred and a secure connection to the server cannot be made."

I have set:
u.AllowCertificateValidation=false

My client assures me that the certificate is valid and when I try to hit the url from Safari, I can get through, although I get an error because I’m not submitting the form data through the browser.

I’m not even sure where to start with debugging this.
Help?

Why set it to false?

My client assures me that the certificate is valid

Then why not set it to true and allow validation ?

The form is probably expecting some post or get fields to be there, that’s up to your website/customer.

I tried true (actually that’s the default) and it didn’t work.
They did give me a sample of the fields required and I’ve included them correctly.

What does it mean that the client assures the cert is valid ? is it a self signed cert ?

that I’m not sure of.
But the fact that I can hit that server from Safari without the typical security message makes me believe them.
However, SSL certificates are clearly not something I’m good with.

Can you paste the url (or private message) ?

Does this relate to your project where you had outdated devices that were upset about the new Let’s Encrypt root certificate?

completely different, and all on the desktop.

messing you privately.

When I want more info on the SSL certificates and their compatibility issues, I use this site and put in the URL of the server in question.

It looks like this error is -1200

https://developer.apple.com/documentation/cfnetwork/cfnetworkerrors/cfurlerrorsecureconnectionfailed
case cfurlErrorSecureConnectionFailed = -1200

I’ve tried it with a plist key for the domain (including subdomain) but it won’t run, just gives the same error. Maybe somebody @ xojo can suspect what’s happening here ?

The certificate and it’s chain is valid.
it works with curl without issues.
The error is only on mac as far as i know with URLConnection (sync and event based).

That’s bizarre. URLConnection is just a wrapper onto apple’s NSURLConnection on macOS IIRC.

Do you have Paw that you could try the connection with a third party app using a NSURLConnection ?

Also, remember that a socket isn’t exactly the same as a browser. I wouldn’t expect it here, but maybe make sure all of the standard browser headers are also being sent?

You can always try our Curl Plug-in or NSURLConnectionMBS or NSURLSessionMBS classes instead.

The CURLSMBS is working but only when the cacert.pem from curl online (latest) is being used in CAInfo param. I guess there is something wrong with the cert chain order (root to domain), since there is nothing actually that indicates the certs being wrong. I send the TS a example project for it’s cause with CURLSMBS that works.