Mobilelfirst 7.1 - ios9 An SSL error has occurred

2019-09-04 07:00发布

站内问答 / 前端开发
909 1 6

While using Https connection from mobile device to MFP server I am getting this SSL handshake error. However the same URL if tried in browser works perfectly.

The Certificate that we are using is TLS version 1.2 standard and encrypted and authenticated using AES_128_GCM and uses RSA as the key exchange mechanism

Here are my logs from xcode 

2016-04-06 00:13:21.870 SSMobileApp[5742:3715304] [DEBUG] [NOsslNE] establishSSLClientAuth
2016-04-06 00:13:21.873 SSMobileApp[5742:3715317] [DEBUG] [NONE] after: initOptions.onSuccess
2016-04-06 00:13:21.876 SSMobileApp[5742:3715303] [DEBUG] [NONE] added onPause and onResume event handlers
2016-04-06 00:13:21.879 SSMobileApp[5742:3715301] [DEBUG] [NONE] wlclient init success
2016-04-06 00:13:21.881 SSMobileApp[5742:3715258] THREAD WARNING: ['UserAuth'] took '13.794922' ms. Plugin should use a background thread.
2016-04-06 00:13:22.082 SSMobileApp[5742:3715258] [DEBUG] [WORKLIGHT] +[WLClient sharedInstance] in WLClient.m:165 :: IBMMobilieFirstFoundation.framework version = 7.1-2015/12/27 17:46:32
2016-04-06 00:13:22.085 SSMobileApp[5742:3715317] [DEBUG] [NONE] Request [/apps/services/api/SSMobileApp/iphone/init]
2016-04-06 00:13:22.088 SSMobileApp[5742:3715304] [TRACE] [NONE] Application details header: {"applicationDetails":{"platformVersion":"7.1.0.0","nativeVersion":"2929140589","skinName":"default","skinChecksum":284837888,"skinLoaderChecksum":"(null)"}}
2016-04-06 00:13:22.090 SSMobileApp[5742:3715303] [DEBUG] [NONE] establishSSLClientAuth isCertificateExists:  false
2016-04-06 00:13:22.094 SSMobileApp[5742:3715258] THREAD WARNING: ['WLAuthorizationManagerPlugin'] took '14.354980' ms. Plugin should use a background thread.
2016-04-06 00:13:22.109 SSMobileApp[5742:3715258] THREAD WARNING: ['WLAuthorizationManagerPlugin'] took '11.534180' ms. Plugin should use a background thread.
2016-04-06 00:13:22.111 SSMobileApp[5742:3715258] [TRACE] [WL_SPLASH] -[WLSplashView hide] in WLSplashView.m:73 :: 
2016-04-06 00:13:22.122 SSMobileApp[5742:3715304] [TRACE] [WLNativeXHR] open method POST url /apps/services/api/SSMobileApp/iphone/init
2016-04-06 00:13:22.124 SSMobileApp[5742:3715317] [TRACE] [WLNativeXHR] setRequestHeader name X-Requested-With value XMLHttpRequest
2016-04-06 00:13:22.126 SSMobileApp[5742:3715303] [TRACE] [WLNativeXHR] Constructing
2016-04-06 00:13:22.129 SSMobileApp[5742:3715333] [TRACE] [WLNativeXHR] setRequestHeader name Accept-Language value en-US
2016-04-06 00:13:22.132 SSMobileApp[5742:3715337] [TRACE] [WLNativeXHR] setRequestHeader name Content-type value application/x-www-form-urlencoded; charset=UTF-8
2016-04-06 00:13:22.135 SSMobileApp[5742:3715304] [TRACE] [WLNativeXHR] setRequestHeader name x-wl-app-version value 1.0
2016-04-06 00:13:22.138 SSMobileApp[5742:3715338] [TRACE] [WLNativeXHR] setRequestHeader name x-wl-app-details value {"applicationDetails":{"platformVersion":"7.1.0.0","nativeVersion":"2929140589","skinName":"default","skinChecksum":284837888,"skinLoaderChecksum":"(null)"}}
2016-04-06 00:13:22.141 SSMobileApp[5742:3715339] [TRACE] [WLNativeXHR] setRequestHeader name x-wl-clientlog-deviceId value 62413470-564E-4012-96E9-8C13CA4E50F5
2016-04-06 00:13:22.144 SSMobileApp[5742:3715301] [TRACE] [WLNativeXHR] setRequestHeader name Accept value text/javascript, text/html, application/xml, text/xml, */*
2016-04-06 00:13:22.147 SSMobileApp[5742:3715341] [TRACE] [WLNativeXHR] setRequestHeader name x-wl-clientlog-appname value SSMobileApp
2016-04-06 00:13:22.150 SSMobileApp[5742:3715340] [TRACE] [WLNativeXHR] setRequestHeader name x-wl-clientlog-appversion value 1.0
2016-04-06 00:13:22.153 SSMobileApp[5742:3715343] [TRACE] [WLNativeXHR] setRequestHeader name x-wl-clientlog-osversion value 9.1
2016-04-06 00:13:22.156 SSMobileApp[5742:3715342] [TRACE] [WLNativeXHR] setRequestHeader name x-wl-clientlog-env value iphone
2016-04-06 00:13:22.159 SSMobileApp[5742:3715344] [TRACE] [WLNativeXHR] setRequestHeader name x-wl-clientlog-model value iPhone8,1
2016-04-06 00:13:22.162 SSMobileApp[5742:3715345] [TRACE] [WLNativeXHR] setRequestHeader name X-WL-ClientId value 535fecc2c8e0262fea1d44449283d940443060d4
2016-04-06 00:13:22.165 SSMobileApp[5742:3715317] [TRACE] [WLNativeXHR] setRequestHeader name X-WL-S-ClientId value eyJhbGciOiJSUzI1NiIsImpwayI6eyJhbGciOiJSU0EiLCJtb2QiOiJBSkswUVVTS2hSaHhqTE5HM0wxTHdoamg4ZHBtWXBXczZOVElBZU9SSDd4NFozd0NuTHJtMWM2RU9qdjFmVjNHdmE2cDlpRm1YbDVSb204cmdrYkhFS2s9IiwiZXhwIjoiQVFBQiJ9fQ==.eyJjbGllbnRJZCI6IjUzNWZlY2MyYzhlMDI2MmZlYTFkNDQ0NDkyODNkOTQwNDQzMDYwZDQifQ==.dzRy2WM8kiXrMIS52VQopNAuOewgPS1VfiX4kOj0ygm-UDqbiNimCKpS6vBZf97LtvLD2Fw7-zptf73wPIAICQ==
2016-04-06 00:13:22.168 SSMobileApp[5742:3715346] [TRACE] [WLNativeXHR] setRequestHeader name X-WL-Session value 7453DE78-568F-4186-90FC-C7AA1F131B13
2016-04-06 00:13:22.171 SSMobileApp[5742:3715347] [TRACE] [WLNativeXHR] send
2016-04-06 00:13:22.174 SSMobileApp[5742:3715348] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] +[WLAFHTTPRequestOperationManagerWrapper requestWithURL:] in WLAFHTTPRequestOperationManagerWrapper.m:52 :: Request url is https://myhostname:443/SSProject/apps/services/api/SSMobileApp/iphone/init
2016-04-06 00:13:22.181 SSMobileApp[5742:3715348] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper start] in WLAFHTTPRequestOperationManagerWrapper.m:320 :: Starting the request with URL https://myhostname:443/SSProject/apps/services/api/SSMobileApp/iphone/init
2016-04-06 00:13:22.297 SSMobileApp[5742:3715308] CFNetwork SSLHandshake failed (-9824)
2016-04-06 00:13:22.297 SSMobileApp[5742:3715308] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9824)
2016-04-06 00:13:22.298 SSMobileApp[5742:3715258] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper requestFailed:error:] in WLAFHTTPRequestOperationManagerWrapper.m:352 :: Request Failed
2016-04-06 00:13:22.299 SSMobileApp[5742:3715258] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper requestFailed:error:] in WLAFHTTPRequestOperationManagerWrapper.m:353 :: Response Status Code : 0
2016-04-06 00:13:22.302 SSMobileApp[5742:3715258] [DEBUG] [WL_AFHTTPRequestOperationManagerWrapper_PACKAGE] -[WLAFHTTPRequestOperationManagerWrapper requestFailed:error:] in WLAFHTTPRequestOperationManagerWrapper.m:354 :: Response Error : An SSL error has occurred and a secure connection to the server cannot be made.
2016-04-06 00:13:22.310 SSMobileApp[5742:3715317] [ERROR] [NONE] [/apps/services/api/SSMobileApp/iphone/init] Host is not responsive.
2016-04-06 00:13:22.311 SSMobileApp[5742:3715317] [DEBUG] [NONE] Failed connecting to MobileFirst Server.
2016-04-06 00:13:22.329 SSMobileApp[5742:3715258] THREAD WARNING: ['Notification'] took '19.496826' ms. Plugin should use a background thread.
2016-04-06 00:13:33.259 SSMobileApp[5742:3715258] [DEBUG] [WORKLIGHT] +[WLClient sharedInstance] in WLClient.m:165 :: IBMMobilieFirstFoundation.framework version = 7.1-2015/12/27 17:46:32
2

I also Tried running this command from Mac to diagnose if SSL handshake completes but same thing it failed. Not sure if this is right way to test.

nscurl --ats-diagnostics https://ourhostname --verbose

Default ATS Secure Connection
---
ATS Default Connection
ATS Dictionary:
{
}
2016-04-06 00:45:50.326 nscurl[49333:2857308] CFNetwork SSLHandshake failed (-9824)
2016-04-06 00:45:50.327 nscurl[49333:2857308] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9824)
Result : FAIL
Error : Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={_kCFStreamErrorCodeKey=-9824, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSUnderlyingError=0x7fcc68405f90 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9824, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9824}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://hostname/, NSErrorFailingURLStringKey=https://hostname/, _kCFStreamErrorDomainKey=3}

Can someone help me what am I missing here? Are we required to put some certificate with the mobile app so that this SSL handshake doesn't fail?

1条回答
姐就是有狂的资本
2楼-- · 2019-09-04 07:29

Make sure that you have properly configured the MobileFirst Server with TLS 1.2 support by following the instructions provided in this blog post (too long to post as an answer): https://mobilefirstplatform.ibmcloud.com/blog/2015/09/07/preparing-ibm-mobilefirst-platform-server-app-transport-security-ios-9/

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)