{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 何必那么认真 的问题《NSURLSession ){kind=link}
I'm trying to connect my iOS app to an HTTPS Rails app which is currently run on a local host in my network. I can access the site from my browser with https://myIP:3000/display as well as in the command line with a curl request. I'm trying to access it from my app using:
class FirstViewController: UIViewController {
override func viewDidLoad() {
super.viewDidLoad()
//let url = NSURL(string: "https://another/Sinatra/website/feed")
let url = NSURL(string: "https://myIP:3000/display")
let request = NSURLRequest(URL: url!)
let task = NSURLSession.sharedSession().dataTaskWithURL(url!)
task!.resume()
}
When I try to access the sinatra website I have no trouble and can even print out the JSON to the console with the correct commands. However, when I set url to my Rails website I get the following error.
NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)
In addition, I can tell that my localhost Rails app (on the other machine) is not pinged from the iOS app, but is pinged from the browser and curl command.
Any ideas how to fix this?
This is a trust issue. With a self-signed certificate, the identity verification component of SSL does not work. It's still possible to establish a secure connection so that nobody is eavesdropping, but the app cannot be sure of who is on the other end of the line.
I have a similar setup, and solved this issue by adding my self-signed root CA to the iPad trusted certificates. This root CA is used to sign all of my other development certificates. Then I just have to add this single root certificate anywhere that SSL will be used. If you just have a self-signed certificate that you are using directly, you can probably just add that.
To get the certificate onto the device (or simulator), I put the file on my web server. Then just open it in Safari over plain HTTP. The Settings app should open and ask if you want to trust the certificate.
Of course this is assuming that this is for development only, and that your production system has a certificate signed by a well-known authority (i.e. one included in the OS' database of root certificate authorities). Because asking end users to install your self-signed certificate won't fly.