search

peterldowns / localias

custom local domain aliases for local dev servers
MIT License
583 stars 3 forks source link

Certificate errors in the iOS simulator #33

Closed ehynds closed 1 month ago

ehynds commented 1 month ago

Hi - curious if you have advice on how to get a native iOS app to accept the localias certificate in the simulator. I'm receiving the following error when I try to connect to https://server.local from within my app:

Task <731C070D-A88C-4699-89D6-CB17360CD660>.<6> finished with error [-1202] Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “server.local” which could put your confidential information at risk." UserInfo={NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=(
    "<cert(0x10c6b3e00) s: server.local i: Localias Intermediate>",
    "<cert(0x10c6b4400) s: Localias Intermediate i: Localias Root>"
), NSErrorClientCertificateStateKey=0, NSErrorFailingURLKey=https://server.local/api/graphql, NSErrorFailingURLStringKey=https://server.local/api/graphql, NSUnderlyingError=0x600000df9c50 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x600003470780>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9807, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9807, kCFStreamPropertySSLPeerCertificates=(
    "<cert(0x10c6b3e00) s: server.local i: Localias Intermediate>",
    "<cert(0x10c6b4400) s: Localias Intermediate i: Localias Root>"
)}}, _NSURLErrorRelatedURLSessionTaskErrorKey=(
    "LocalDataTask <731C070D-A88C-4699-89D6-CB17360CD660>.<6>"
), _kCFStreamErrorCodeKey=-9807, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <731C070D-A88C-4699-89D6-CB17360CD660>.<6>, NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x600003470780>, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “server.local” which could put your confidential information at risk.}

I went to https://server.local in the Safari app inside the simulator and pressed the continue untrusted button, so I can now browse my local server just fine within Safari, but trusting this certificate this way does not seem to translate over into my app.

ehynds commented 1 month ago

I was able to figure it out - leaving these steps here to help others that might come across it:

  1. Run localias debug cert and place the root.crt file on a web server somewhere
  2. Copy/paste link in Safari on the Simulator
  3. Install the certificate
  4. On the the Simulator, go to General -> About -> Certificate Trust Settings -> “Enable Full Trust for Root Certificate” for the certificate

image

peterldowns commented 3 days ago

Thanks so much for writing in with the solution! I'm not familiar with the iOS simulator, but thank you for figuring this out and documenting it so anyone else can do the same thing in the future :)