Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

NSURLSession getting intermittent SSLHandshake failed (-9810) error

Download image from secure URL, behind a security wall. A URL like https://foo.com/bar.png

Sometimes I'm getting a SSLHandshake error. Sometimes the error happens once, but sometimes the error is constant and I'm unable to download the file.

DownloadImageApp[2914] <Warning>: CHALLENGE!!! (NSURLAuthenticationMethodServerTrust)
DownloadImageApp[2914] <Warning>:    server = foo.com
DownloadImageApp[2914] <Warning>: CFNetwork SSLHandshake failed (-9810)
DownloadImageApp[2914] <Warning>: CHALLENGE!!! (NSURLAuthenticationMethodServerTrust)
DownloadImageApp[2914] <Warning>:    server = foo.com
DownloadImageApp[2914] <Warning>: CHALLENGE!!! (NSURLAuthenticationMethodNTLM)
DownloadImageApp[2914] <Warning>:    NSURLAuthenticationMethodNTLM

I used the following code to handle challenges

- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential *))completionHandler {
    NSLog(@"CHALLENGE!!! (%@)", challenge.protectionSpace.authenticationMethod);

    if (challenge.error)
        NSLog(@"  -- error: %@", challenge.error.description);
    if (challenge.previousFailureCount > 0)
        NSLog(@"  -- previous failure count = %d", challenge.previousFailureCount);
    if (challenge.proposedCredential)
        NSLog(@"  -- proposed credential user: %@", challenge.proposedCredential.user);

    if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
        NSLog(@"   server = %@", challenge.protectionSpace.host);
        completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]);
    } else if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodNTLM]) {
        NSLog(@"   NSURLAuthenticationMethodNTLM");
        NSURLCredential *credential = [NSURLCredential credentialWithUser:@"username" password:@"passwordIsSecretShhh" persistence:NSURLCredentialPersistenceForSession];
        completionHandler(NSURLSessionAuthChallengeUseCredential, credential);
    } else {
        NSLog(@"   ????");
    }
}

Even when it fails completely and won't load I can still pop over to Safari, type in the URL and have it load. So I'm looking for ideas which would cause this problem other than bad network issues or spotty issues with the hosting web server.

like image 616
DBD Avatar asked Jan 06 '14 16:01

DBD


1 Answers

I finally got this issue resolved. It had nothing to do with my code.

The issues was being cause Trend SSL monitoring software which was installed in the server. Once the software was disabled, the errors instantly vanished.

It's not a great answer, but hopefully it will help someone else.

like image 181
DBD Avatar answered Sep 20 '22 16:09

DBD