Post

Replies

Boosts

Views

Activity

Reply to Only on macOS catalina, NSURLSession fail with NSURLErrorClientCertificateRequired
Hi,403 is an expected response. It is just that in one case I see 403 in console output, and in another i get 403 as response in urlsession delegate.It's just that Earlier I get NSURLErrorClientCertificateRequired next time I don't. Also, this behavior is only with catalina. In mojave I get 403 response with any NSError. This behaior is expected.Can it be related to caching of certificate by urlsession? First time it throws auth chalLenge along with NSError and next time it's no auth challenge and no NSError. Just reponse.
Mar ’20
Reply to Only on macOS catalina, NSURLSession fail with NSURLErrorClientCertificateRequired
Thanks for the reply. I have been looking into this for a while.The certificate is from trusted CA and same as I get in safari.Following the steps with observation:1. Make request2. Auth challenge thrown, and I share certificate identity.3. Request fails with NSURLErrorClientCertificateRequired error, though I can see 403 response in console by enabling CFNETWORK DIAGNOSTICS. 403 is expected in response.4. Make the same request again.5. 403 received in response. (No Authchallenge thrown this time)6. Request completes without any error.I am not able to understand why the above beahvior is observed. Why the response is not received first time when I actually share certificate with auth challenge.
Mar ’20
Reply to Only on macOS catalina, NSURLSession fail with NSURLErrorClientCertificateRequired
No, there is no localhost between client and server.There are multiple calls to delegate method-(void)URLSession:(NSURLSession *)sessiondidReceiveChallenge:(NSURLAuthenticationChallenge *)challengecompletionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential * _Nullable))completionHandlerBoth kinds of authentication method are received, NSURLAuthenticationMethodServerTrust and NSURLAuthenticationMethodClientCertificate. I share NSURLCredential for both. For NSURLAuthenticationMethodClientCertificate, along with certificate identity, I have tried sharing nil as well as certificate chain for certificate parameter for NSURLCredential. The authentication via smarcard.
Feb ’20