Error 1012 when using SSL in AFNetworking 2.0

Question

I'm trying to connect with SSL to my website which is using a certificated signed by StartSSL. When I browse to the website, everything is working fine, however, when I try to use SSL in the app, I get:

Error Domain=NSURLErrorDomain Code=-1012 "The operation couldn’t be completed. (NSURLErrorDomain error -1012.)" UserInfo=0x8d635f0 {NSErrorFailingURLKey=https://edutoets.nl/API/login.php, NSErrorFailingURLStringKey=https://edutoets.nl/API/login.php}

I've included the certificate in .cer format (after converting it from .crt to .cer with openssl) in the app bundle and AFNetworking can find it. Here's my code that creates the security policy of the manager:

- (AFSecurityPolicy*) sslSecurityPolicy
{
    NSString *cerPath = [[NSBundle mainBundle] pathForResource:@"edutoets" ofType:@"cer"];
    NSData *certData = [NSData dataWithContentsOfFile:cerPath];
    AFSecurityPolicy *securityPolicy = [[AFSecurityPolicy alloc] init];
    [securityPolicy setAllowInvalidCertificates:NO];
    [securityPolicy setPinnedCertificates:@[certData]];
    [securityPolicy setSSLPinningMode:AFSSLPinningModeCertificate];

    return securityPolicy;
}

And here I set the security policy and execute the request:

AFHTTPRequestOperationManager *manager = [AFHTTPRequestOperationManager manager;
[manager setSecurityPolicy:[self dodyrwSecurityPolicy]];
manager.responseSerializer = [AFJSONResponseSerializer serializer];
[manager POST:kLoginURL parameters:... success:...];

I don't know what I'm doing wrong here. The .cer file looks fine (the certificate corresponds to the certificate when browsing to the website). This is happening on the iOS simulator.

Could anyone help me with this?

Answer 1

I had a similar situation where I received error 1012 despite having a valid SSL cert embedded in my app. This app could communicate with the server (with everything else remaining the same) when using AFNetworking v1. My problem was caused by not having the entire chain of certificates embedded in the app. Setting validatesCertificateChain = NO; fixed the issue.

Answer 2

Well, apparently you should also add your intermediate certificate and root certificate to the app bundle. Afer I did that, it started to work!