0

My swift iOS application is not able to register for remote notification with aerogear unified push server giving errors that looks like the certificate on the server is a self signed one although it is a regular trusted one signed by a certification authority.

this happens during didRegisterForRemoteNotificationsWithDeviceToken call in the delegate where the registration itself is done according to the aerogear push server examples :

        let registration = AGDeviceRegistration(serverURL: NSURL(string: dynConfig.pushURL));
            registration.registerWithClientInfo({ (clientInfo:AGClientDeviceInformation!) -> Void in
...

Here is the error trace

2016-04-08 16:22:35.158 Myapp[284:35797] Registration :https://server.mydomain.net:8443/ag-push/
2016-04-08 16:24:23.412 Myapp[284:35797] OK
2016-04-08 16:24:23.419 Myapp[284:35797] _BSMachError: (os/kern) invalid capability (20)
2016-04-08 16:24:23.420 Myapp[284:35797] _BSMachError: (os/kern) invalid name (15)
2016-04-08 16:24:23.553 Myapp[284:35797] OK
2016-04-08 16:24:23.558 Myapp[284:35797] OK
2016-04-08 16:24:23.574 Myapp[284:36046] CFNetwork SSLHandshake failed (-9824)
2016-04-08 16:24:23.615 Myapp[284:36046] CFNetwork SSLHandshake failed (-9824)
2016-04-08 16:24:23.662 Myapp[284:36046] CFNetwork SSLHandshake failed (-9824)
2016-04-08 16:24:23.713 Myapp[284:36046] CFNetwork SSLHandshake failed (-9824)
2016-04-08 16:24:23.716 Myapp[284:36046] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9824)
2016-04-08 16:24:38.229 Myapp[284:35797] Push registration error :Error Domain=NSURLErrorDomain Code=-1200 "Une erreur SSL s’est produite et il est impossible d’établir une connexion sécurisée avec le serveur." UserInfo={_kCFStreamErrorCodeKey=-9824, NSLocalizedRecoverySuggestion=Souhaitez-vous tout de même vous connecter au serveur ?, NSUnderlyingError=0x12cdf9ee0 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9824, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9824}}, NSLocalizedDescription=Une erreur SSL s’est produite et il est impossible d’établir une connexion sécurisée avec le serveur., NSErrorFailingURLKey=https://server.mydomain.net:8443/ag-push/rest/registry/device, NSErrorFailingURLStringKey=https://server.mydomain.net:8443/ag-push/rest/registry/device, _kCFStreamErrorDomainKey=3}
Yves Nicolas
  • 6,901
  • 7
  • 25
  • 40

1 Answers1

1

Your API call seems to be blocked by the App Transport Security. Try adding the following to your .plist file:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>mydomain.net</key>
        <dict>
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSExceptionRequiresForwardSecrecy</key>
            <false/>
        </dict>
    </dict>
</dict>
DAN
  • 919
  • 1
  • 6
  • 23
  • I had all the other ones but not the NSExceptionRequiresForwardSecrecy. It fixes it. Any hint on what changes to be made on the server side to avoid this? – Yves Nicolas Apr 08 '16 at 15:47
  • If you're working with Apache, have a look here: https://www.digicert.com/ssl-support/ssl-enabling-perfect-forward-secrecy.htm – DAN Apr 09 '16 at 08:25
  • Will have a look, actually working with wildfly and nginx. – Yves Nicolas Apr 11 '16 at 14:14