已阅读了许多 SO 问题并尝试了一些可能的解决方案,但均无济于事。在“https://api.usno.navy.mil/rstt/oneday?date=06/14/2019&coords=31.575,-81.19”处对 REST API 的简单 Alamofire 调用已经在开发过程中完美运行了几个月(应用程序尚未投入生产)。昨天开始 throw :
“发生 SSL 错误,无法与服务器建立安全连接。”
已将以下内容添加到 info.plist:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>api.usno.navy.mil</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<false/>
<key>NSExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
</dict>
</dict>
</dict>
Alamofire 调用非常简单(并且到目前为止一直完美地返回 JSON:
Alamofire.request(url).responseJSON { response in...
SSL 实验室给予 USNO 网站“C”级评级。不支持 TLS 1.2。无论如何,我都不是网络专家。在 Alamofire Github 站点上查看了一些雷达。不清楚我在哪里错过了它。
这是失败的完整调试日志。
2019-06-14 09:03:28.369097-0400 Clima[3040:912561] [BoringSSL] boringssl_context_alert_callback_handler(3724) [C21.1:2][0x111bdcc10] Alert level: fatal, description: protocol version
2019-06-14 09:03:28.369183-0400 Clima[3040:912561] [BoringSSL] boringssl_context_error_print(3676) boringssl ctx 0x2835a8360: 4591481704:error:100000f0:SSL routines:OPENSSL_internal:UNSUPPORTED_PROTOCOL:/BuildRoot/Library/Caches/com.apple.xbs/Sources/boringssl/boringssl-109.250.2/ssl/handshake_client.cc:557:
2019-06-14 09:03:28.369208-0400 Clima[3040:912561] [BoringSSL] boringssl_context_get_error_code(3581) [C21.1:2][0x111bdcc10] SSL_AD_PROTOCOL_VERSION
2019-06-14 09:03:28.370835-0400 Clima[3040:912561] TIC TCP Conn Failed [21:0x280249680]: 3:-9836 Err(-9836)
2019-06-14 09:03:28.452934-0400 Clima[3040:912561] [BoringSSL] boringssl_context_alert_callback_handler(3724) [C22.1:2][0x111bbd280] Alert level: fatal, description: protocol version
2019-06-14 09:03:28.453033-0400 Clima[3040:912561] [BoringSSL] boringssl_context_error_print(3676) boringssl ctx 0x2835a80b0: 4591481704:error:100000f0:SSL routines:OPENSSL_internal:UNSUPPORTED_PROTOCOL:/BuildRoot/Library/Caches/com.apple.xbs/Sources/boringssl/boringssl-109.250.2/ssl/handshake_client.cc:557:
2019-06-14 09:03:28.453066-0400 Clima[3040:912561] [BoringSSL] boringssl_context_get_error_code(3581) [C22.1:2][0x111bbd280] SSL_AD_PROTOCOL_VERSION
2019-06-14 09:03:28.454644-0400 Clima[3040:912561] TIC TCP Conn Failed [22:0x280248900]: 3:-9836 Err(-9836)
2019-06-14 09:03:28.490311-0400 Clima[3040:912561] [BoringSSL] boringssl_session_errorlog(224) [C23.1:2][0x111bbbe00] [boringssl_session_handshake_incomplete] SSL_ERROR_SSL(1): operation failed within the library
2019-06-14 09:03:28.490403-0400 Clima[3040:912561] [BoringSSL] boringssl_session_handshake_error_print(205) [C23.1:2][0x111bbbe00] 4591481704:error:10000118:SSL routines:OPENSSL_internal:reason(280):/BuildRoot/Library/Caches/com.apple.xbs/Sources/boringssl/boringssl-109.250.2/ssl/ssl_versions.cc:258:
2019-06-14 09:03:28.490442-0400 Clima[3040:912561] [BoringSSL] nw_protocol_boringssl_handshake_negotiate_proceed(480) [C23.1:2][0x111bbbe00] Handshake failed. Disconnecting the session
2019-06-14 09:03:28.492968-0400 Clima[3040:912561] TIC TCP Conn Failed [23:0x28022a340]: 3:-9858 Err(-9858)
2019-06-14 09:03:28.494013-0400 Clima[3040:912561] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9858)
2019-06-14 09:03:28.494069-0400 Clima[3040:912561] Task <73E19CEE-005F-4B0A-A79E-7D4B15A5A521>.<6> HTTP load failed (error code: -1200 [3:-9858])
2019-06-14 09:03:28.494773-0400 Clima[3040:912561] Task <73E19CEE-005F-4B0A-A79E-7D4B15A5A521>.<6> finished with error - code: -1200
2019-06-14 09:03:28.496257-0400 Clima[3040:912188] Task <73E19CEE-005F-4B0A-A79E-7D4B15A5A521>.<6> load failed with error Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSErrorFailingURLStringKey=https://api.usno.navy.mil/rstt/oneday?date=06/14/2019&coords=31.575,-81.19, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <73E19CEE-005F-4B0A-A79E-7D4B15A5A521>.<6>, _NSURLErrorRelatedURLSessionTaskErrorKey=(
"LocalDataTask <73E19CEE-005F-4B0A-A79E-7D4B15A5A521>.<6>"
), NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://api.usno.navy.mil/rstt/oneday?date=06/14/2019&coords=31.575,-81.19, NSUnderlyingError=0x28380d9e0 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9858, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9858}}, _kCFStreamErrorCodeKey=-9858} [-1200]
非常感谢任何解决方案、帮助或见解。很想了解为什么,以及为什么现在。
最佳答案
回答我自己的问题。我确信这并不是该问题所有情况的答案。事实上,USNO 网站目前仅支持 TLS 1.1,info.plist 中的此条目解决了当前的问题。
<key>NSThirdPartyExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
此条目位于域字典下 <key>NSExceptionDomains</key> 下
暂时解决了。
关于ios - Alamofire 网络 REST 调用抛出 SSL 错误(突然),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/56599127/