CODEWITHSUNDEEP
iosswiftios9
Bright
Bright

Reputation: 5751

App Transport Security: NSURLSession/NSURLConnection HTTP load failed

I have this code: 

func loginWithBasicAuth() -> Void {

    let usernameText = username.text
    let passwordText = password.text

    let credentialData = "\(usernameText):\(passwordText)".dataUsingEncoding(NSUTF8StringEncoding)
    let base64Credentials = credentialData?.base64EncodedStringWithOptions([])
    let headers = ["Authorization": "HTTP Basic \(base64Credentials)"]

    Alamofire.request(.GET, "https://api.domainname.com/v0.1/", headers: headers).responseString { aResponse in

        if let receivedString = aResponse.result.value {

            print(receivedString)

        } else {

            print("Login failed.")

        }
    }
}

In the console it prints:

NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802) Login failed.

Here's the configuration in the info.plist file: enter image description here

What's wrong?

Upvotes: 2

Views: 844

Answers (3)

Julian
Julian

Reputation: 9337

Add NSIncludesSubdomains as you refer to subdomains and wants to have it also as an exception. See this answer for more details

Upvotes: 0

Marcos Crispino
Marcos Crispino

Reputation: 8218

I'm not sure NSThirdPartyExceptionAllowsInsecureHTTPLoads is the right key to use when the connection is via HTTPS. You should probably use NSThirdPartyExceptionMinimumTLSVersion or NSThirdPartyExceptionRequiresForwardSecrecy.

I would highly recommend reading the App Transport Security Technote document, specially the Diagnosing Connection Issues section.

There is a tool that may help you diagnose your domain:

/usr/bin/nscurl --ats-diagnostics [--verbose] URL

Upvotes: 2

Bhavuk Jain
Bhavuk Jain

Reputation: 2187

Make NSAllowsArbitraryLoads to YES to disable ATS.

Upvotes: 1

Related Questions