Failed to configure spring-boot to support https for IOS application -


i using spring-boot backend server , iphone front end app. need setup https in server side in order submit app in apple store. did below configurations in application.properties in spring-boot server:

server.port = 9080 server.ssl.key-store=/data/ssl/server.jks server.ssl.key-store-password=123456 server.ssl.enabled=true server.ssl.key-password=123456 server.ssl.ciphers=tls_ecdhe_rsa_with_aes_128_cbc_sha256,tls_ecdhe_rsa_with_aes_128_cbc_sha,tls_ecdhe_rsa_with_aes_256_cbc_sha384,tls_ecdhe_rsa_with_aes_256_cbc_sha,tls_rsa_with_aes_128_cbc_sha256,tls_rsa_with_aes_128_cbc_sha,tls_rsa_with_aes_256_cbc_sha256,tls_rsa_with_aes_256_cbc_sha server.ssl.protocol=tls

the ios app got below error when connecting server through https:

error:optional(error domain=nsurlerrordomain code=-1200 "an ssl error  has occurred , secure connection server cannot made."  userinfo={_kcfstreamerrorcodekey=-9824, nslocalizedrecoverysuggestion=would  connect server anyway?, nsunderlyingerror=0x610000257490

if set allow arbitrary loads yes in info.plist in xcode, works fine. setting flag yes not suggested apple. want find why wrong ssl configuration. believe issue in backend setting. did below check:

$ nscurl --ats-diagnostics httsp://www.nurse-go.cn:9080 starting ats diagnostics  configuring ats info.plist keys , displaying result of https loads https://www.nurse-go.cn:9080. test "pass" if urlsession:task:didcompletewitherror: returns nil error. use '--verbose' view ats dictionaries used , display error received in urlsession:task:didcompletewitherror:. ================================================================================  default ats secure connection --- ats default connection      2016-12-28 20:07:54.791 nscurl[27229:1903364] nsurlsession/nsurlconnection http load failed (kcfstreamerrordomainssl, -9824) result : fail ---  ================================================================================  allowing arbitrary loads  --- allow loads result : pass ---  ================================================================================  configuring tls exceptions www.nurse-go.cn  --- tlsv1.2 2016-12-28 20:07:57.904 nscurl[27229:1903364] nsurlsession/nsurlconnection http load failed (kcfstreamerrordomainssl, -9824) result : fail ---  --- tlsv1.1 2016-12-28 20:07:58.873 nscurl[27229:1903364] nsurlsession/nsurlconnection http load failed (kcfstreamerrordomainssl, -9824) result : fail ---  --- tlsv1.0 2016-12-28 20:07:59.843 nscurl[27229:1903364] nsurlsession/nsurlconnection http load failed (kcfstreamerrordomainssl, -9824) result : fail ---  ================================================================================  configuring pfs exceptions www.nurse-go.cn  --- disabling perfect forward secrecy result : pass ---  ================================================================================  configuring pfs exceptions , allowing insecure http www.nurse-go.cn  --- disabling perfect forward secrecy , allowing insecure http result : pass ---  ================================================================================  configuring tls exceptions pfs disabled www.nurse-go.cn  --- tlsv1.2 pfs disabled result : pass ---  --- tlsv1.1 pfs disabled result : pass ---  --- tlsv1.0 pfs disabled result : pass ---  ================================================================================  configuring tls exceptions pfs disabled , insecure http allowed www.nurse-go.cn  --- tlsv1.2 pfs disabled , insecure http allowed result : pass ---  --- tlsv1.1 pfs disabled , insecure http allowed result : pass ---  --- tlsv1.0 pfs disabled , insecure http allowed result : pass ---  ================================================================================

you see there few fail result in above output. btw, if did same check nginx server same certification file in same server.then passed. confirm problem spring-boot setting. know reason this?

edit1

when use browser access spring-boot server, browser has shown green lock icon correctly. means spring-boot configuration works fine browser has issue iphone app.


-

Comments

Post a Comment

Popular posts from this blog

python - How to insert QWidgets in the middle of a Layout? -

Image
i'm using qt framework build graphical user interface. use qgridlayout position qwidgets neatly. gui looks this: my application regularly adds new widgets gui @ runtime. these new widgets not added @ end of qlayout, somewhere in middle. the procedure bit cumbersome. applied on figure above, need take out widg_c , widg_d , ... qgridlayout. next, add widg_x and widg_y , , put other widgets again. how remove widgets qgridlayout: for in reversed(range(mygridlayout.count())): self.itemat(i).widget().setparent(none) ### as long you're dealing small amount of widgets, procedure not disaster. in application display lot of small widgets - perhaps 50 or more! application freezes second while procedure ongoing, annoying user. there way insert widgets somewhere in qlayout, without need take out other widgets? edit: apparently solution qvboxlayout simple. use function insertwidget(..) instead of addwidget(..) . docs can found link: http://doc.qt.io/qt-5/qboxlayou
Read more

python - serve multiple gunicorn django instances under nginx ubuntu -

i need serve 2 webs apps (django) on gunicorn under different domain names using nginx on ubuntu. started using tutorial: https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-ubuntu-16-04 it worked fine 1 using that. tried same thing second gives me 502 gateway second domain. tried following tutorial: http://michal.karzynski.pl/blog/2013/10/29/serving-multiple-django-applications-with-nginx-gunicorn-supervisor/ i'm @ part run gunicorn start script: sudo bin/gunicorn_start i response: starting webuildblack root traceback (most recent call last): file "/home/devin/webuildblack/bin/gunicorn", line 7, in <module> gunicorn.app.wsgiapp import run importerror: no module named 'gunicorn.app'; 'gunicorn' not package you have named program gunicorn.py gunicorn -package. rename file , remove gunicorn.pyc file.
Read more

module - Prestashop displayPaymentReturn hook url -

i new prestashop developer , trying create paymentmodule. have got show payment method can not proceed purchase because not know hot works. does know should redirect run hooddisplaypaymentreturn method? i happy if explain me complete navigation map make purchase. anyway, can find relation between hooks , pages? when have new module payment rely on simplest provided prestashop: bankwire. inside can find 3 hooks. hookpayment: public function hookpayment($params) { if (!$this->active) return; if (!$this->checkcurrency($params['cart'])) return; $this->smarty->assign(array( 'this_path' => $this->_path, 'this_path_bw' => $this->_path, 'this_path_ssl' => tools::getshopdomainssl(true, true).__ps_base_uri__.'modules/'.$this->name.'/' )); return $this->display(__file__, 'payment.tpl'); } hookdisplaypaymenteu: public fun
Read more