CODEWITHSUNDEEP
iossslhttps
JLau_cy
JLau_cy

Reputation: 715

iOS app SSL handshake failed

I am making an app to login to an aspx website over HTTPS by passing login credentials in a post method. When checking the response using Charles Proxy I can see a SSL Handshake failed error from seal.verisign.com, I am then taken back to the login page. I am not sure what I need to do to solve this issue.

I am testing this in the iPhone simulator.

I do not have access to the server implementation.

Any ideas?

Thank you!

Upvotes: 41

Views: 40720

Answers (8)

Bruno Cunha
Bruno Cunha

Reputation: 1810

If running on the simulator, just restart both Charles Proxy and the simulator, making sure Charles Proxy starts first

Upvotes: 0

Vaiden
Vaiden

Reputation: 16122

On iOS >= 10.3, after installing the Charles Proxy certificate (as per @ashish-verma's excellent answer), you also need to enable it through Settings -> General -> About -> Certificate Trust Settings:

Enable SSL root certificate on iOS 10.3 and up

Full setup here: http://www.devsbedevin.net/debugging-ios-ssl-traffic/

Upvotes: 155

anton46
anton46

Reputation: 391

Remove all old user credentials, then Re-Install new ssl certificate.

Upvotes: 0

Ben Thomas
Ben Thomas

Reputation: 1488

If installing the certificate still doesn't help you, then it may be due to SSL Pinning.

From charlesproxy.com:

SSL Pinning Note that some apps implement SSL certificate pinning which means they specifically validate the root certificate. Because the app is itself verifying the root certificate it will not accept Charles's certificate and will fail the connection. If you have successfully installed the Charles root SSL certificate and can browse SSL websites using SSL Proxying in Safari, but an app fails, then SSL Pinning is probably the issue.

Upvotes: 19

Ashish Verma
Ashish Verma

Reputation: 1818

You need to install SSL certificate to resolve this issue.

Follow these steps

  1. Open Safari browser on iOS Simulator

  2. Type "www.charlesproxy.com/getssl" in address bar

  3. Install the SSL certificate
  4. Restart Charles Proxy

Upvotes: 3

Rotues Jia
Rotues Jia

Reputation: 1

You have to install SSL certificate on mobile device.

Search online for how to install SSL certificate for Charles Proxy.

Upvotes: 0

Jalakoo
Jalakoo

Reputation: 3583

Perhaps testing on an actual device will give more insight?

To do that in Charles:

  1. Goto Proxy: Proxy Settings...
  2. Proxies tab: Enter "8888" in the HTTP Proxy port: field
  3. SSL Tab: make sure the "Enable SSL Proxying" is on

On your dev machine:

  1. Goto System Preferences: Network: Wifi: Advanced: TCP/IP Tab: Make note of the IPV4 Address: (i.e. 10.0.1.101)

On your iDevice:

  1. Goto http://charlesproxy.com/charles.crt from your device and download Charles SSL certificate
  2. Okay the certificate as trusted (be sure to disable or remove it once you're done)
  3. Goto the Settings App: Wifi: Select the detailed disclosure button (round blue button with the white arrow) for your network
  4. Under HTTP Proxy, select "Manual"
  5. Enter in the address from step (dev machine 1.) into the Server field, and the port number from step (charles 2.)

Finally:

  1. Restart Charles
  2. Run Safari on your iDevice to test. This should prompt Charles to display a dialog box to allow or deny SSL proxying. Obviously allow and you should be good to go.

More Info at Charles's site: http://www.charlesproxy.com/documentation/proxying/ssl-proxying/

Also, are you getting a response to the connection:(NSURLConnection*)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge*)challenge method?

Upvotes: 15

gWiz
gWiz

Reputation: 1284

It is possible that the server doesn't have a valid certificate for the url you are using. Did you check that?

If you try the url using a browser, does it give you a warning?

Upvotes: 1

Related Questions