I have a very strange error, I have an enterprise app that run over 4000 iPod touch, the version has been deployed since 3-4 months
and since monday this week we started to got intermittent SSL error only for URLSessionDownloadTask with Background Session
my ATS in info.plist are configured correctly
When debugging I got the following error:
Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made."
I then ran the following command in terminal
nscurl --ats-diagnostics https://myServerURL --verbose
I got this following error ( the same I got in debug) for TLS 1.3
2018-02-09 11:49:00.845 nscurl[24730:1227795] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9800)
Result : FAIL
Error : Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={_kCFStreamErrorCodeKey=-9800, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSUnderlyingError=0x7ff2a8100f50 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9800, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9800}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., ......
why suddently it is trying to use TLS v1.3 ?
In my info.plist I have put the minimum to 1.2 which is the default
I just found there is a way to restrict the TLS in URLSessionConfiguration, I will try that
but any logical explanation about this?
thanks