certificate for this server is invalid

ios security ssl swift3 ssl-certificate
43,196

Solution 1

Solved same issue with just setting devices' date & time to automatic.

Solution 2

You can check to see if this is a server-side problem by testing the TLS endpoint using SSL Labs (assuming this is an HTTPS connection). If the results come back invalid, the site will tell you why. If you're using a self-signed certificate, that would certainly cause this error.

If the results come back as valid from SSL Labs, then it's probably on the client side. Some client software doesn't have built-in trusted root certificates, but I doubt that Swift doesn't use the default OS root certificate store.

Solution 3

Remove https://www from ServerTrustPolicy and put just url

Solution 4

Please also check your firewall restrictions. In my case, this error occurred due to my firewall blocked the required URL. it's worked fine after removing firewall restrictions

Share:
43,196
Amanpreet
Author by

Amanpreet

Updated on July 09, 2022

Comments

  • Amanpreet
    Amanpreet almost 2 years

    My app is live. It was working fine. But somedays before we changed the certificates(for security purpose) on Server. And Now whenever I tried to run my app. It is giving error:

    The certificate for this server is invalid. You might be connecting to a server that is pretending to be "DOMAIN NAME" which could put your confidential information at risk.

    I am using Swift3. I want to know Is this front-end issue or server-end? How can I resolve this?

    Note: I have searched a lot about the issue, but didn't get the solution. I also tried Titanium - "The certificate for this server is invalid. You might be connecting to a server that is pretending to be DOMAIN.COM” but I was already follow all the steps.

    Other thing is web-app and Android-app is working Ok. But iOS app giving error.

  • Amanpreet
    Amanpreet over 7 years
    Thanks for information. I tried that and I can see there is column that shows RC4:Yes INSECURE (more info). Do you know How can we make it secure?
  • Scovetta
    Scovetta over 7 years
    RC4 is a cipher enabled on the server. What kind of web-server are you using?
  • Amanpreet
    Amanpreet over 7 years
    I am using Apache.
  • Scovetta
    Scovetta over 7 years
    Here's a link on configuring Apache with strong cipher suites. To get rid of RC4, you can either use the suggested SSLCipherSuite (from the link) or add :!RC4: to the existing SSLCipherSuite configuration directive.
  • Amanpreet
    Amanpreet over 7 years
    Ok.. I will check that. Is we usually face that kind of issues from certificates, Do you have any idea?
  • uday augustin
    uday augustin over 2 years
    It perfectly worked for me. Thank you, Tushar. What is the underlying problem? How it is related to Date and Time?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Error while creating self-signed SSL certificate
How can the SSL client validate the server's certificate?
Certificate Invalid Issue with Alamofire 4.0
How to compare SSL certificates using AFNetworking
Security Warning: The Server you are connected to is using a security certificate that cannot be verified. The Target principal name is incorrect
stunnel - certificate verification
Can Outlook certificate errors be surpressed?
How to trust my own self-signed SSL cert?
what's the difference b/w MMC.exe and certmgr.msc
SSL Certificates: Multiple Single Domain vs Wildcard?