NWTCPConnection's TLSParameters does not provide API to set SNI

Hi,


We are running into a problem, as there is no API to set the SNI on the TLS parameters of NWTCPConnection. In the CFStream API this can be done easily by setting "kCFStreamSSLPeerName". When this is set, this parameter is used as the SNI in the Client Hello.


Is there any way/alternative to set SNI on NWTCPConnection?


Thanks and regards.

Accepted Reply

I presume that the SNI is being set from the host name you used to construct the NWHostEndpoint that you passed to -createTCPConnectionToEndpoint:enableTLS:TLSParameters:delegate:. So it’s not a question of setting the SNI, but setting it to something other than the default. Is that right?

If so, then yeah, I believe you are out of luck here. I’d appreciate you filing an enhancement request for support for that. Please post your bug number, just for the record.

There’s no good way to work around this within the confines of NWTCPConnection but there’s also no requirement to use NWTCPConnection in your provider. You’re free to use whatever transport and TLS implementation you like, including BSD Sockets + Secure Transport or CFSocketStream (via the NSStream API).

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Replies

Hi,


Filed 31117269 for this request.