我有一台Windows服务器,具有正确的SSL信任链。在这个服务器上运行我的voip应用程序的nodejs信令服务器。我曾经在CentOS上运行nodejs服务器,但不久前它已迁移到Windows。我暂时在应用程序中禁用了SSL,但现在我再次启用它,我无法连接消息" CFNetwork SSLHandshake失败(-9824)"。
我知道没有人可以帮助我找出错误的内容,但我期待苹果提供更具描述性的信息。 9824只是意味着"握手失败"并且设备日志显示没什么特别的。我补充说:
setenv("CFNETWORK_DIAGNOSTICS", "3", 1);
并检查了它生成的日志,但它只告诉我握手失败:/我尝试添加
CFReadStreamSetProperty(readStream, kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);
CFWriteStreamSetProperty(writeStream, kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);
到套接字初始化,看看是否允许我连接,但它没有。我还在iOS9上添加了奇怪的info.plist片段以允许TLS1.0而不是TLS1.2,但即使这样也没有改变任何东西。
所以我的问题:我到底怎么得到足够的信息来开始调试这个烂摊子?我知道握手失败了,Apple,但我想知道为什么它失败了......
编辑:抱歉格式不正确,我匆忙:)
这是我的套接字初始化代码:
APP.onlineUsers = [[NSMutableArray alloc] init];
self.didOpenInputStream = NO;
self.didOpenOutputStream = NO;
self.messageQueue = [[NSMutableArray alloc] init];
CFReadStreamRef readStream;
CFWriteStreamRef writeStream;
NSInputStream* inputStream;
NSOutputStream* outputStream;
CFStreamCreatePairWithSocketToHost(NULL, (__bridge CFStringRef)serverUrl, (uint)serverPort, &readStream, &writeStream);
CFReadStreamSetProperty(readStream, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanTrue);
CFWriteStreamSetProperty(writeStream, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanTrue);
CFReadStreamSetProperty(readStream, kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);//tried without this as well
CFWriteStreamSetProperty(writeStream, kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);//tried without this as well
CFReadStreamSetProperty(readStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelSSLv3);//tried v2 this as well
CFWriteStreamSetProperty(writeStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelSSLv3);//tried v2 this as well
inputStream = (__bridge_transfer NSInputStream*)readStream;
outputStream = (__bridge_transfer NSOutputStream*)writeStream;
[inputStream setProperty:NSStreamNetworkServiceTypeVoIP forKey:NSStreamNetworkServiceType];
[inputStream setDelegate:self];
[outputStream setDelegate:self];
self.runLoop = [NSRunLoop currentRunLoop];
[inputStream scheduleInRunLoop:self.runLoop forMode:NSDefaultRunLoopMode];
[outputStream scheduleInRunLoop:self.runLoop forMode:NSDefaultRunLoopMode];
[inputStream open];
[outputStream open];
self.inputStream = inputStream;
self.outputStream = outputStream;
答案 0 :(得分:-1)
问题很可能是您的服务器不符合“ATS”。 ATS从iOS 9开始为设备带来强制安全性。 OS X 10.11。特别是你需要
如果您的服务器不满足此要求,您可以按照here所述为此服务器关闭ATS。