NSURLSession/NSURLConnection HTTP load failed

KrzysiekF · September 21, 2015, 9:17pm

Hello,
I’m working on a new mobile application used to monitor sales on Envato Markets. I’m having a problem with the last update to iOS9.

When application tries to connect to envato API I’m getting an error:

NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802)

I’m trying to add this line in my config.xml file:

<key>NSAppTransportSecurity</key>
<dict>
  <key>NSAllowsArbitraryLoads</key>
  <true/>
</dict>

but still getting an error.

Are you familiar with this issue?
Can anybody suggest a solution?

Thank you.

Regards,
Krzysiek

KrzysiekF · September 22, 2015, 10:21am

Can anyone help me? I really need fix this issue.

thoorne · September 23, 2015, 9:09am

I’m also stuck with this issue after updating my iPhone and Xcode to iOS 9. Have you tried adding this code to AppDelegate.m?

@implementation NSURLRequest(DataController) 
+ (BOOL)allowsAnyHTTPSCertificateForHost:(NSString *)host 
{ 
    return YES; 
} 
@end

For me that doesn’t work, also there are voices that Apple will reject for that piece of code.

I’ve read that this is something with server configuration/nginx however even Instagram API doesn’t work for me.

KrzysiekF · September 23, 2015, 9:24am

I fixed it … try add this lines:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>

In this file: (…)/platforms/ios/YOURAPP/YOURAPP-Info.plist after this line:

<plist version="1.0"><dict>

thoorne · September 23, 2015, 9:37am

This didn’t work for me. It’s also not recommended by Apple.

What really helped me is adding this to Info.plist:

<key>NSAppTransportSecurity</key>
<dict>
	<key>NSExceptionDomains</key>
	<dict>
		<key>instagram.com</key>
		<dict>
			<key>NSExceptionRequiresForwardSecrecy</key>
			<false/>
			<key>NSIncludesSubdomains</key>
			<true/>
		</dict>
		<key>amazonaws.com</key>
		<dict>
			<key>NSIncludesSubdomains</key>
			<true/>
			<key>NSExceptionRequiresForwardSecrecy</key>
			<false/>
		</dict>
        </dict>
</dict>

Replace amazonaws.com and instagram.com with your domains/api endpoints.

KrzysiekF · September 23, 2015, 9:46am

Thank you I probably change my file.

kickerkeeper · October 22, 2015, 6:57pm

Thanks guys, the allowsAnyHTTPSCertificateForHost was necessary for mine to work.

Elie · October 29, 2015, 12:51am

Worked for me.
In my case it was with the Ionic Deploy server. The SSL certificat seems valid, but somehow iOS 9 doesn’t like it

mpowered · March 21, 2016, 9:26pm

Whilst these changes to the plist work, they get wiped out every time you run a build command. Is there a way to do this from the config.xml file?

sakotturi · June 1, 2016, 1:30am

I’m seeing this despite having configured a Content-Security-Policy for my app.

I’ve set AllowArbitraryLoads to FALSE and all my XHR requests are going through, but Xcode logs this message every 10 seconds:

NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802)

cyberionic · August 25, 2016, 1:43pm

thank you for your solution.

billy_comic · December 15, 2016, 10:28pm

@sakotturi

Did you ever figure this out?

logus · March 30, 2017, 6:54pm

This helped me. Now working perfectly. Thanks.

sasitha92 · July 12, 2019, 8:51am

you can do it using this.

<allow-navigation href="http://localhost:8080/*"/>