NSURLConnection/CFURLConnection HTTP load failed

Question

Hello everyone,

In my application I'm trying to download data from Amazon server.

In all devices expect iphone 4s (ios 8.4.1) everything works fine but with iphone4s I'm getting the following error:

NSURLConnection/CFURLConnection HTTLP load failed kCFStreamErrorDomainSSl -9807

(following the way I'm trying to download data, I also have the -9802 error code)

The 2 download way I've tried so far was:

- load data into NSData with NSData dataWithContentsOfURL (not really a good way to do it but file size is just 200 kb)

- AWSS3TransferUtility with Cognito Credential

In my info.plist, I've already set App Transport Security Setting with AllowArbitrary Loads set to true and set Exception Domains following AWS setting

but so far no luck for iphone 4s.

Is there any known bug for this device?

Could you please tell me if there is a way to fix this issue?

I really thank you in advance for your help.

Network

1.4k

Posted by

Cybernet Systems

Reply

Add a Comment

Answer 1

In all devices expect iphone 4s (ios 8.4.1) everything works fine but with iphone4s I'm getting the following error:

Is the iPhone 4S your only iOS 8 test device? Or does iOS 8 work in general but things fail on this specific iPhone 4S?

Error -9807 is

errSSLXCertChainInvalid

, meaning that the device was unable to build a certificate chain from the server’s leaf certificate to a trusted root. If you run the following command against your server, what do you see?

$ TLSTool s_client -connect example.com:443 -noverify

Remember to replace

example.com

with the DNS name of your server.

btw TLSTool is sample code which you can get here.

Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Posted by

eskimo

Add a Comment

Answer 2

Thank you for your reply

Below are the test result:

iphone 4s iOS9.0 : error kCFStreamErrorDomainSSl

iphone 4s iOS 8.4.1: error kCFStreamErrorDomainSSl

iphone 5s iOS 8.4.1: error timeout

iphone 5c iOS 9.3.5 : everything works fine

iphone 6s+ iOS 9.3.5 : everything works fine

ipad 2 Wi-fi + 3D iOS 8.3 : everything works fine

with TLSTool, I've tried the following command:

command1: ./TLSTool s_client -connect amazonaws.com:443 -noverify

and the result was: error NSPOSIXErrorDomain

command2: ./TLSTool s_client -connect ec2-52-196-182-108.ap-northeast-1.compute.amazonaws.com:443

and the result was: error NSPOSIXErrorDomain

command 3 : ./TLSTool s_client -connect ap-northeast-1.compute.amazonaws.com:443

and the result was : error kCFErrorDomainCFNetwork

Posted by

Cybernet Systems

Add a Comment

Answer 3

with TLSTool, I've tried the following command:

In future it would be helpful if you posted the full output; TLSTool prints a whole bunch of useful diagnostic info, and it’s important to see it all.

In these specific cases, however, there seems to be a forward actuator stick error. Let’s look at each of your examples in turn.

$ TLSTool s_client -connect amazonaws.com:443 -noverify
* error NSPOSIXErrorDomain / 61
* bytes sent 0, bytes received 0

POSIX error 61 is

ECONNREFUSED

, meaning that this server is not listening on the HTTPS port (443).

$ TLSTool s_client -connect ec2-52-196-182-108.ap-northeast-1.compute.amazonaws.com:443
* error NSPOSIXErrorDomain / 61
* bytes sent 0, bytes received 0

Ditto.

$ TLSTool s_client -connect ap-northeast-1.compute.amazonaws.com:443
* error kCFErrorDomainCFNetwork / 2
* bytes sent 0, bytes received 0

CFNetwork error 2 is

kCFHostErrorUnknown

. And lo, that DNS name simply does not exist.

$ host ap-northeast-1.compute.amazonaws.com
$

From this it’s clear that your TLSTool tests don’t match the code in your app. What URLs are you trying to connect to?

Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Posted by

eskimo

Add a Comment

NSURLConnection/CFURLConnection HTTP load failed

Replies