Domain=NSURLErrorDomain Code 1202

ios amazon-web-services ssl nsurlsession tls1.2

30,273

For the devs who are working with a server locally and need to get the iOS Simulator to trust the certificate. Follow the steps below:

Get the .cer file by exporting the certificate from the Keychain. You need the certificate file in a valid format and its easiest to get this by exporting it from the Keychain.
Drag and drop the aforementioned .cer file onto the simulator. It should give you a prompt on installing a "Profile". Go ahead and follow the instructions to install it.
For those who are working with the latest versions of XCode and iOS Simulator. You need to do 1 last step. The Simulator must be explicitly told to trust the root CA. Do this by going to General -> About -> Certificate Trust Settings -> "Enable Full Trust for Root Certificate" for your particular certificate

Hopefully, this saves headaches for some people!

30,273

Bar

Updated on August 07, 2020

Comments

Bar almost 4 years
Hi I receive the following error:

Error Domain=NSURLErrorDomain Code=-1202 \"The certificate for this server is invalid. You might be connecting to a server that is pretending to be “server-prod.name-cloud.com” which could put your confidential information at risk.\" UserInfo={NSErrorFailingURLStringKey=https://server-prod.name-cloud.com /v3/project/session/926B9E6BE31B/, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, NSErrorFailingURLKey=https://server-prod.name-cloud.com /v3/project/session/926B9E6BE31B/, _kCFStreamErrorCodeKey=-9843, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “server-prod.name-cloud.com” which could put your confidential information at risk.}

I read all the relevant docs, we apply all the requirements in "Common Failures" section.

More details:
- the errors received only from Germany(except 4 times in the past 2W that was from Italy)
- It is not reproducible in house
- Eventually after tons of retries the uploads go throw
- This was received booth in iOS 10.x.x & 9.x.x
- I use amazon servers with 2016-08 SSL Security Policies, so according to apple it should be OK
In the app I use:
```
<key>NSAppTransportSecurity</key>
   <dict>
      <key>NSAllowsArbitraryLoads</key>
   <true/>
</dict>
```
note - in production I always use HTTP’s, I leave the NSAllowsArbitraryLoads because some testers offshore can switch the rout to HTTP for debugging.
- SG iOS Developer over 7 years
  
  You read it (http://lithium3141.com/blog/2015/08/21/shipping-an-app-with‌-app-transport-secur‌ity/
Christopher Hannah about 7 years

Wow, you just saved my sanity.
Jesus Rodriguez almost 7 years

The "Enable Full Trust for Root Certificate" option is not present on my simulator running ios 10.3
John Girata almost 7 years

In my case, the option to "Enable Full Trust for Root Certificate" appears only for root certificates. It does not appear for intermediate or leaf certificates.
Harish J over 6 years

I followed the steps above, but still getting the error. Does this solution work only for a server hosted on the same machine, as that of the simulator? Basically, for me, the server resides on another machine, but in the local network where I can access it by passing IP address. For some reasons, I cannot run an instance of the server on my machine.
Jonny Nott about 5 years

Also come unstuck at step 3. :( (latest Xcode) .. I can't see my cert in the 'Certificate Trust Settings' list, only in General -> Profiles
MaxPRafferty about 5 years

It appears that on 12.2 (probably earlier versions as well) the procedure is now to go to general > profiles, select the cert, and hit install in the upper right
Milan Manwar over 4 years

it worked for me, added proxy server's self signed certificate to simulator, installed it from settings and enabled full trust.
marika.daboja about 4 years

You safe my life!
Andy Nadal over 2 years

but what would happen in production?, and won't the App Review process reject it?