Unable to disable SSL verification in iOS - Swift

I have an app in Swift 4 which is making a POST request to this domain:
qa-api-session.apps.com
Where I get a JWT as a response.
While the call works perfectly fine in Postman and curl, it does not work in iOS and I receive this message:
nw_protocol_boringssl_handshake_negotiate_proceed(724) [0x7fa6d4f0bac0] handshake failed at state 0
2019-09-30 12:30:18.861722-0300 app[4492:188024] Connection 1: received failure notification
2019-09-30 12:30:18.861847-0300 app[4492:188024] Connection 1: failed to connect 1:61, reason -1
2019-09-30 12:30:18.861967-0300 app4492:188024] Connection 1: encountered error(1:61)
2019-09-30 12:30:18.865759-0300 app4492:188024] Task <XXXX>.<1> HTTP load failed, 0/0 bytes (error code: -1004 [1:61])
I am searching for a way of DISABLING SSL verification and I can't find a straightforward manner. Supposedly I could include some keys on my info.plist but it's not working at all.
I just want to make the request and make sure everything is working. Certificate pinning will be done later on.
How can I achieve this?

Related

Telit 4G modem LE920-EUG, giving error on http commands, AT#HTTPCFG.. AT#HTTPQRY any http command not working

I have the Telit LE920-EUG 4G LTE module. I am trying to execute GET and POST http requests to a remote server. Though the PDP context is activating properly and I have internet access on the SIM that I'm using, I can't seem to be able to connect to a remote server and execute HTTP requests (both POST and GET) from the module.
I have tried two ways, one through direct HTTP commands supported by the module (all commands mentioned in the LE9x0 AT command reference guide), the command sequence for which is mentioned below, but +CME ERROR: 100 occurs, and it's the same for every HTTP command (AT#HTTPQRY, AT#HTTPRCV) that I try to execute.
AT#SGACT=1,1
#SGACT: 31.81.208.1
OK
AT#HTTPCFG=0,"httpbin.org",80,0,,,0,120,1
+CME ERROR: 100
//No configuration details
AT#HTTPCFG?
+CME ERROR: 100
AT#HTTPCFG=?
+CME ERROR: 100
I have also tried the GET and POST commands after socket dialing. The socket connects but they are not receiving any data from the server or posting anything onto the server; the connection closes with a NO CARRIER. The command sequence that I'm using is given below:
//Socket Dial
AT#SD=1,0,80,www.m2msupport.net
CONNECT
//GET commands sequence
GET /m2msupport/http_get_test.php HTTP/1.1
Host:www.m2msupport.net
Connection:keep-alive
//Connection closes with No Response
NO CARRIER
//Socket info shows the bytes sent
at#si=1
#SI: 1,86,0,0,0
OK

Indy10 HTTPS - socket error 10060 - connection timeout

I'm getting "Socket Error #10060, Connection timed out" when trying to access a https link.
Here is how you can reproduce it with INDY 10.6.2.0 and OpenSSL 1.0.2d DLLs (also happens with older Indy 10 version and dlls):
create a project and add a TButton, TIdHTTP and TMemo objects to the form
add to button onclick this code:
IdHTTP1.Request.UserAgent:='Indy';
IdHTTP1.HandleRedirects:=true;
Memo1.text:=IdHTTP1.Get('https://www.itv.com');
Now compile and run it; it will download the file correctly.
BUT if you are using a service like www.smartydns.com which redirects DNS requests to their server, the INDY sample above will not work and fails with a "Socket Error #10060, Connection timed out" message.
I have tried it with WGET too (https://eternallybored.org/misc/wget/) and in version 1.13 it's initializing the SSL handshake and freezes, but it works without problems with version 1.15.
So the question is, what IdHTTP settings do I have to use to make it work, or is it a bug in Indy10?

Fiddler 2 error: SecureClientPipeDirect failed: System.IO.IOException Unable to read data from the transport connection

I am trying to decrypt the HTTPS traffic with Fiddler2, which has just been upgraded.
What is the problem to get this error?
17:27:45:6821 !SecureClientPipeDirect failed: System.IO.IOException Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. < A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond on pipe to (CN=192.168.0.100, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com)
Thanks
The error message indicates that the client failed to complete the HTTPS handshake. What was the client? This message typically indicates that the client isn't configured to trust Fiddler's Root Certificate.
What, if any, other messages are shown on the Log tab?

APNS Handshake Failure from Scala

I'm trying to send a push notification to an Apple device (iPhone) using Scala and Notnoop APNS, but when I ran this code:
import com.notnoop.apns._
val service = APNS.newService().withCert("certfile.p12", "passphrase").withAppleDestination(true).build()
service.start()
val payload = APNS.newPayload().alertBody("nomnomnom").sound("default")
service.push("deviceToken", payload.build())
service.stop()
I always get stuck on this SSL handshake error:
Thread-20, handling exception: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Based on this question, I may have an invalid certificate, but I'm sure this certificate works, because using this PHP sample, I can send a push notification correctly.
Any idea where my process has gone wrong?

How do I enable more handshake ciphers in CFStream?

When running the method:
CFReadStreamSetProperty(theReadStream, kCFStreamPropertySSLSettings, (CFDictionaryRef)tlsPacket->tlsSettings);
To secure the connection of a CFReadStream, my iPhone client returns the error:
Error Domain=kCFStreamErrorDomainSSL Code=-9824 "Operation could not be completed. (kCFStreamErrorDomainSSL error -9824.)"
and the server sends the error:
ERROR [STDERR] javax.net.ssl.SSLHandshakeException: no cipher suites in common
Is there any way to allow CFReadStream to use additional ciphers during the handshake process?
For anyone else who runs into this problem:
It turns out that the problem was on the server side. If you run into this issue yourself, I would urge you to check that the handshake on the server side is working properly.