I made a javascript cloud app that runs on a webpage in a webview on my iPad app that communicates via WebSocket connection but it only works when im on my http site and not https or else I get an CFNetwork SSLHandshake failed (-9806) error in Xcode and on the website it says time out during handshake.
Is this because the webserver on the iPad is running on HTTP instead of HTTPS?
JAVASCRIPT CLOUD APP
This part in the cloud is working for HTTP when connecting to the web server on the iPad.
var protocol = "ws";
if (this.useSecureConnection)
protocol = "wss";
var url = protocol+'://localhost:'+this.port+'/service';
this.connection = new WebSocket(url);
Xcode iOS iPad App (Objective-C)
I thought that was the issue so I tried to enable HTTPS but I am not sure what to create for the "sslIdentityAndCertificates" method.
- (BOOL)isSecureServer {
HTTPLogTrace();
// Override me to create an https server...
return YES;
}
/*
* This method is expected to returns an array appropriate for use in kCFStreamSSLCertificates SSL Settings.
* It should be an array of SecCertificateRefs except for the first element in the array, which is a SecIdentityRef.
**/
- (NSArray *)sslIdentityAndCertificates{
HTTPLogTrace();
return nil;
}
Some of the other posts I have seen use APIs that are only available on Mac and not iOS.
I tried several combinations of ATS permissions as well. All resulted in HTTPS not allowing for WebSocket connection.
Any help is greatly appreciated! 🙂
More Info:
The cloud hosted webapp was built to be used on different devices as a webpage but we needed to add support for bluetooth to connect to a 3rd party hardware. To do that we needed to create a native "wrapper" for the webapp that would get bluetooth messages and process/send messages to the webapp in the webview via webSocket. This allows for the web app to use the bluetooth tool.
You’re not going to be able to use a secure WebSocket connection to a local HTTPS server; the sticking point is that WKWebView provides no way to override the default (RFC 2818) TLS server trust evaluation it does for secure WebSocket connection, and you can’t get a system-trusted certificate for
localhost
. We already have a bug on file about this (r. 25491679) but you should feel free to
file your own describing how this is affecting your app.
This is especially irksome because pages loaded over HTTPS must use a secure WebSocket.
My recommended way to get around this is to avoid WebSocket and instead use WKWebView’s extensive JavaScript-to-native integration technologies (namely WKUserScript and WKScriptMessage).
Finally, I have some other stuff I’d like to discuss privately; please drop me a line at my individual email address, quoting this DevForums thread for context.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"