{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 余生请多指教 的问题《CFNetwork SSLHandshake failed iOS 9》','https://www.manongdao.com/q-5961.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
has anyone with the iOS 9 beta 1 had this issue?
I use standard NSURLConnection to connect to a webservice and as soon as a call is made to the webservice i get the below error. This is currently working in iOS 8.3
Possible beta bug? any ideas or thoughts would be great ! I know its very early in iOS 9 development
Here is the full error:
CFNetwork SSLHandshake failed (-9824) NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9824)
NSURLRequest * urlRequest = [NSURLRequest requestWithURL:[NSURL URLWithString:@"https://mywebserviceurl"]];
NSURLResponse * response = nil;
NSError * error = nil;
NSData * data = [NSURLConnection sendSynchronousRequest:urlRequest
returningResponse:&response
error:&error];
After two days of attempts and failures, what worked for me is this code of womble
with One change, according to this post we should stop using sub-keys associated with the NSExceptionDomains dictionary of that kind of Convention
And use at the new Convention
instead.
apple documentation
my code
Why makes it too complicated-
Just set iOS Development Target - 8.0
And Cmd+Shift+K
If your backend uses a secure connection ant you get using NSURLSession
you need to check your server configuration especially to get ATS version and SSL certificate Info:
Instead of just Allowing Insecure Connection by setting
NSExceptionAllowsInsecureHTTPLoads = YES, instead you need to Allow Lowered Security in case your server do not meet the min requirement (v1.2) for ATS (or better to fix server side).Allowing Lowered Security to a Single Server
use openssl client to investigate certificate and get your server configuration using openssl client :
..find at the end
App Transport Security (ATS) require Transport Layer Security (TLS) protocol version 1.2.
Requirements for Connecting Using ATS:
Update: it turns out that openssl only provide the minimal protocol version Protocol : TLSv1 links
iOS 9 and OSX 10.11 require TLSv1.2 SSL for all hosts you plan to request data from unless you specify exception domains in your app's Info.plist file.
The syntax for the Info.plist configuration looks like this:
If your application (a third-party web browser, for instance) needs to connect to arbitrary hosts, you can configure it like this:
If you're having to do this, it's probably best to update your servers to use TLSv1.2 and SSL, if they're not already doing so. This should be considered a temporary workaround.
As of today, the prerelease documentation makes no mention of any of these configuration options in any specific way. Once it does, I'll update the answer to link to the relevant documentation.
Another useful tool is nmap (brew install nmap)
Gives output
The device I tested at had wrong time set. So when I tried accessing a page with a certificate that would run out soon it would deny access because the device though the certificate had expired. To fix, set proper time on the device!