0

在使用 Web 服务时获取 NSURLSession/NSURLConnection HTTP 加载失败(kCFStreamErrorDomainSSL,-9802),即使 Web 服务使用 ssl 保护。为什么呢?网络服务网址:https ://domain.com/services/webservice.asmx?wsdl "

禁用 TLS1.0 和 TLS1.1 并启用 onlu TLS1.2 仍然出现错误

请查看错误描述

Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x7fa511eab900>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, NSErrorPeerCertificateChainKey=<CFArray 0x7fa511eb5360 [0x1062e17b0]>{type = immutable, count = 2, values = ( 0 : <cert(0x7fa514110830) s: xxxxxxx.com i: Entrust Certification Authority - L1C> 1 : <cert(0x7fa514110a80) s: Entrust Certification Authority - L1C i: Entrust.net Certification Authority (2048)> )}, NSUnderlyingError=0x7fa511f28400 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSErrorFailingURLStringKey=https://xxxxxxx.com/services/pryxismobilecalendarwebservice.asmx?wsdlLoginJson, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, kCFStreamPropertySSLPeerCertificates=<CFArray 0x7fa511eb5360 [0x1062e17b0]>{type = immutable, count = 2, values = ( 0 : <cert(0x7fa514110830) s: myeyonline-uat.ey.com i: Entrust Certification Authority - L1C> 1 : <cert(0x7fa514110a80) s: Entrust Certification Authority - L1C i: Entrust.net Certification Authority (2048)> )}, _kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x7fa511eab900>, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., _kCFStreamErrorDomainKey=3, NSErrorFailingURLKey=https://xxxxxxx.com/services/pryxismobilecalendarwebservice.asmx?wsdlLoginJson, _kCFStreamErrorCodeKey=-9802}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://xxxxxxxcom/services/pryxismobilecalendarwebservice.asmx?wsdlLoginJson, NSErrorFailingURLStringKey=https://xxxxxxx.com/services/pryxismobilecalendarwebservice.asmx?wsdlLoginJson, NSErrorClientCertificateStateKey=0}

4

2 回答 2

0

我发现了问题,使用的算法是带有 RSA 的 SHA1,但 iOS9 需要 SHA2

于 2015-11-13T14:59:47.400 回答
0

我通过为域的自动签名认证建立此例外来解决此问题:

<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>xxxxxxx.com</key>
        <dict>
            <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
            <true/>
        </dict>
    </dict>
</dict>
于 2017-10-19T14:02:03.690 回答