HTTPS url not loading in UIWebView

Hi guys,


I have a problem I'm trying to solve for some days.

I'm trying to load some content in a webview and I have an HTTPS url that should be loaded.

My problem is that I receive this error:

Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “myURL.amazonaws.com” which could put your confidential information at risk." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x170119a10>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9813, NSErrorPeerCertificateChainKey=(

"<cert(0x101088e00) s: myURL.amazonaws.com i: myURL.amazonaws.com-CA>"


Do you have any idea how could I make this work?


Thank You,

Mihai.

Replies

This looks like a straightforward server trust evaluation problem; error -9813 is

errSSLNoRootCert
, or “cert chain not verified by root”.

You can override HTTPS server trust evaluation with WKWebView view but that’s a pain, not least because of App Transport Security. The best solution is to get a proper CA-issued certificate for your server.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Hi again,

Thank you eskimo for your answer!


I added an extension to NSURLRequest containing

static func allowsAnyHTTPSCertificate(forHost host: String) -> Bool {

return true
}

and now it seems that the webpage starts loading but I receive another error

NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802)
CFNetwork SSLHandshake failed (-9807)

Do you think the error is still related to the certificate?


I also have the AllowArbitraryLoads set to yes and the url set as an exception in the .plist file


Best regards,

Mihai.

I added an extension to NSURLRequest containing

Do not do this. That method is private API and you should not call or override it.

Why are you not using a CA-issued certificate for this server? HTTPS server trust customisation is a pain, much more painful then giving your server a proper certificate.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"