HTTPS request failed because of Error Domain=NSURLErrorDomain Code=-1202 only on iOS14.6

App & System Services Core OS
TonyLand OP
Created May ’21
Replies 1
Boosts 0
Views 1.7k
Participants 2

Hi,everyone , Recently I update my iphone 12pro max system to iOS14.6 system , One of the HTTPS request connect to our server works fine on iOS14.5.1 and eariler iOS versions, but it fails only on iOS14.6,the error message shows like below :

Error Domain=NSURLErrorDomain Code=-1202 "此服务器的证书无效。您可能正在连接到一个伪装成“a.b.c.com”的服务器,这会威胁到您的机密信息的安全。" UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x28103fd50>, NSErrorFailingURLKey=https://a.b.c.com/path/to/specific/work/get, NSErrorFailingURLStringKey=https://a.b.c.com/path/to/specific/work/get, NSLocalizedDescription=此服务器的证书无效。您可能正在连接到一个伪装成“a.b.c.com”的服务器,这会威胁到您的机密信息的安全。}

but we had double check the certicicate of the service, pretty sure it's ok, and the certificate was approved by go_daddy, but it only happens on iOS14.6, and now all of our user update to iOS14.6 encountered this problem, anyone can help, thanks a million.

Replies  1
Boosts  0
Views  1.7k
Participants  2
Systems Engineer OP
Apple
Jun ’21

but it fails only on iOS14.6,the error message shows like below : UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x28103fd50>, NSErrorFailingURLKey=https://a.b.c.com/path/to/specific/work/get

but we had double check the certicicate of the service, pretty sure it's ok, and the certificate was approved by go_daddy, but it only happens on iOS14.6

I would take a look at your certificate being used for TLS and check the Not Valid Before Date and the Not Valid After date. If it the Not Valid Before date is greater than April 21, 2021 (2021-04-21T00:00:00Z) then you should checkout the unique number of SCTs (Signed Certificate Timestamps) embedded on the certificate. These values are embedded as an extension. Recently, we changed our Certificate Transparency policy to require a certificate contain a specific number of SCTs (2 or 3) before the TLS certificate is considered trusted on the platform. See more about this here.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
0
HTTPS request failed because of Error Domain=NSURLErrorDomain Code=-1202 only on iOS14.6
First post date Last post date
 
 
Q