ios iOS9 出现错误“发生 SSL 错误,无法与服务器建立安全连接”
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/32755674/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
iOS9 getting error “an SSL error has occurred and a secure connection to the server cannot be made”
提问by Nanda
Since I upgraded my existing project with iOS 9, I keep getting the error :
由于我使用 iOS 9 升级了现有项目,因此我不断收到错误消息:
An SSL error has occurred and a secure connection to the server cannot be made.
发生 SSL 错误,无法与服务器建立安全连接。
回答by Tony TRAN
For the iOS9, Apple made a radical decision with iOS 9, disabling all unsecured HTTP traffic from iOS apps, as a part of App Transport Security (ATS).
对于 iOS9,Apple 对 iOS 9 做出了一个激进的决定,禁用来自 iOS 应用程序的所有不安全的 HTTP 流量,作为应用程序传输安全 (ATS) 的一部分。
To simply disable ATS, you can follow this steps by open Info.plist, and add the following lines:
要简单地禁用 ATS,您可以按照以下步骤打开Info.plist,并添加以下行:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
回答by Stéphane Bruckert
Even though allowing arbitrary loads (NSAllowsArbitraryLoads = true) is a good workaround, you shouldn't entirely disable ATS but rather enable the HTTP connection you want to allow:
尽管允许任意加载 ( NSAllowsArbitraryLoads = true) 是一个很好的解决方法,但您不应完全禁用 ATS,而应启用您想要允许的 HTTP 连接:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>yourserver.com</key>
<dict>
<!--Include to allow subdomains-->
<key>NSIncludesSubdomains</key>
<true/>
<!--Include to allow HTTP requests-->
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<!--Include to specify minimum TLS version-->
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
</dict>
</dict>
</dict>
回答by TechSeeko
iOS 9 forces connections that are using HTTPS to be TLS 1.2 to avoid recent vulnerabilities. In iOS 8 even unencrypted HTTP connections were supported, so that older versions of TLS didn't make any problems either. As a workaround, you can add this code snippet to your Info.plist:
iOS 9 强制使用 HTTPS 的连接为 TLS 1.2 以避免最近的漏洞。在 iOS 8 中甚至支持未加密的 HTTP 连接,因此旧版本的 TLS 也不会产生任何问题。作为一种解决方法,您可以将此代码片段添加到您的 Info.plist 中:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
*referenced to App Transport Security (ATS)
*参考应用传输安全 (ATS)
回答by Nathan Noble
If you are just targeting specific domains you can try and add this in your application's Info.plist:
如果您只是针对特定域,您可以尝试将其添加到应用程序的 Info.plist 中:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>example.com</key>
<dict>
<key>NSExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSIncludesSubdomains</key>
<true/>
</dict>
</dict>
</dict>
回答by steve
It appears that iOS 9.0.2 breaks requests to valid HTTPS endpoints. My current suspicion is that it is requiring SHA-256 certs or it fails with this error.
iOS 9.0.2 似乎中断了对有效 HTTPS 端点的请求。我目前的怀疑是它需要 SHA-256 证书,否则会因此错误而失败。
To reproduce, inspect your UIWebView with safari, and try navigating to an arbitrary HTTPS endpoint:
要重现,请使用 safari 检查您的 UIWebView,并尝试导航到任意 HTTPS 端点:
location.href = "https://d37gvrvc0wt4s1.cloudfront.net/js/v1.4/rollbar.min.js"
// [Error] Failed to load resource: An SSL error has occurred and a secure connection to the server cannot be made. (rollbar.min.js, line 0)
Now try going to google (because of course they have a SHA-256 cert):
现在尝试去谷歌(因为他们当然有一个 SHA-256 证书):
location.href = "https://google.com"
// no problemo
Adding an exception to transport security (as outlined by @stéphane-bruckert's answer above) works to fix this. I also assume that completely disabling NSAppTransportSecuritywould work too, though I've read that completely disabling it can jeopardize your app review.
为传输安全添加一个例外(如上面@stéphane-bruckert 的回答所述)可以解决这个问题。我还假设完全禁用NSAppTransportSecurity也可以,尽管我已经读过完全禁用它会危及您的应用程序。
[EDIT] I've found that simply enumerating the domains I'm connecting to in the NSExceptionDomainsdict fixes this problem, even when leaving NSExceptionAllowsInsecureHTTPLoadsset to true. :\
[编辑] 我发现简单地枚举我在NSExceptionDomainsdict 中连接的域可以解决这个问题,即使NSExceptionAllowsInsecureHTTPLoads设置为 true。:\
回答by Hashim Akhtar
I get the same error when I specify my HTTPS URL as : https://www.mywebsite.com. However it works fine when I specify it without the three W's as : https://mywebsite.com.
当我将我的 HTTPS URL 指定为:https://www.mywebsite.com时,我得到了同样的错误。但是,当我将它指定为没有三个 W 时它工作正常:https://mywebsite.com。
回答by Helge Becker
The problem is the ssl certificate on server side. Either something is interfering or the certificate doesn't match the service. For instance when a site has a ssl cert for www.mydomain.com while the service you use runs on myservice.mydomain.com. That is a different machine.
问题是服务器端的 ssl 证书。要么有干扰,要么证书与服务不匹配。例如,当站点具有 www.mydomain.com 的 ssl 证书而您使用的服务在 myservice.mydomain.com 上运行时。那是一台不同的机器。
回答by Shanmugasundharam
Xcode project -> goto info.plist and Click + Button then Add (App Transport Security Settings)Expand, Allow Arbitrary Loads Set YES. Thanks
Xcode 项目 -> 转到 info.plist 并单击 + 按钮然后添加(应用程序传输安全设置)扩展,允许任意加载设置为 YES。谢谢
回答by Akila Wasala
My issue was NSURLConnectionand that was deprecated in iOS9 so i changed all the API to NSURLSessionand that fixed my problem.
我的问题是NSURLConnectioniOS9 中已弃用,因此我将所有 API 更改为NSURLSession并解决了我的问题。
回答by Teena nath Paul
In my case I faced this issue in my simulator because my computer's date was behind of current date. So do check this case too when you face SSL error.
就我而言,我在模拟器中遇到了这个问题,因为我的计算机日期落后于当前日期。因此,当您遇到 SSL 错误时,也请检查这种情况。
