Self signed HTTPS certificate

[taesiri]

Hello,

I want to connect to a server with self-signed https certificate. Is there any way to skip https error?

[dduan]

Sorry, could you be a bit more specific? Are you trying to work around App Transport Security?

[taesiri]

Yes, It's related to ATS.

Here is the full error message I've got when I tried to connect to a server that uses invalid/self-signed https.

NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)

More details:

Optional(Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “SERVER-IP-ADDRESS” which could put your confidential information at risk." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x610000106150>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9813, NSErrorPeerCertificateChainKey=(
    "<cert(0x7fd4fa831400) s: snsfsrv i: snsfsrv>"
), NSUnderlyingError=0x618000053e30 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x610000106150>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9813, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9813, kCFStreamPropertySSLPeerCertificates=(
    "<cert(0x7fd4fa831400) s: snsfsrv i: snsfsrv>"
)}}, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “SERVER-IP-ADDRESS” which could put your confidential information at risk., NSErrorFailingURLKey=https://SERVER-IP-ADDRESS/URL, NSErrorFailingURLStringKey=https://SERVER-IP-ADDRESS/URL, NSErrorClientCertificateStateKey=0})

[dduan]

You can install the cert into your iOS simulator. Alternatively, you can use HTTP and whitelist in Info.plist during development.