iOS9 getting error “an SSL error has occurred and a secure connection to the server cannot be made”

For the iOS9, Apple made a radical decision with iOS 9, disabling all unsecured HTTP traffic from iOS apps, as a part of App Transport Security (ATS). To simply disable ATS, you can follow this steps by open Info.plist, and add the following lines: <key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true/> </dict>

How to use NSURLConnection to connect with SSL for an untrusted cert?

There is a supported API for accomplishing this! Add something like this to your NSURLConnection delegate: – (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace { return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]; } – (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) if ([trustedHosts containsObject:challenge.protectionSpace.host]) [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge]; [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge]; } Note that connection:didReceiveAuthenticationChallenge: can send its message to challenge.sender (much) …

Read more

How do I load an HTTP URL with App Transport Security enabled in iOS 9? [duplicate]

See Apple’s Info.plist reference for full details (thanks @gnasher729). You can add exceptions for specific domains in your Info.plist: <key>NSAppTransportSecurity</key> <dict> <key>NSExceptionDomains</key> <dict> <key>testdomain.com</key> <dict> <key>NSIncludesSubdomains</key> <true/> <key>NSExceptionAllowsInsecureHTTPLoads</key> <true/> <key>NSExceptionRequiresForwardSecrecy</key> <true/> <key>NSExceptionMinimumTLSVersion</key> <string>TLSv1.2</string> <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key> <false/> <key>NSThirdPartyExceptionRequiresForwardSecrecy</key> <true/> <key>NSThirdPartyExceptionMinimumTLSVersion</key> <string>TLSv1.2</string> <key>NSRequiresCertificateTransparency</key> <false/> </dict> </dict> </dict> All the keys for each excepted domain are optional. The speaker …

Read more