App Store API server (itunes.apple.com) does not support forward secrecy, blocked by App Transport Security
Originator: | greg | ||
Number: | rdar://21677202 | Date Originated: | 05-Jul-2015 02:26 PM |
Status: | Open | Resolved: | |
Product: | iOS SDK | Product Version: | Simulator 9.0 (605) |
Classification: | Other Bug | Reproducible: | Always |
Summary: The App Store API server, itunes.apple.com does not support forward secrecy and is blocked by App Transport Security. Steps to Reproduce: Make an NSURLRequest to https://itunes.apple.com Expected Results: Connection succeeds Actual Results: "An SSL error has occurred and a secure connection to the server cannot be made." NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorCodeKey=-9824, NSErrorFailingURLStringKey=https://itunes.apple.com/lookup?at=XYZ&id=ABC , _kCFStreamErrorDomainKey=3, NSUnderlyingError=0x7b4df280 "The operation couldn’t be completed. (kCFErrorDomainCFNetwork error -1200.)", NSErrorFailingURLKey=https://itunes.apple.com/lookup?at=XYZ&id=ABC Regression: Broken since Xcode 7b1 Notes: Workaround <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>NSExceptionDomains</key> <dict> <key>itunes.apple.com</key> <dict> <key>NSIncludesSubdomains</key> <false/> <key>NSTemporaryExceptionRequiresForwardSecrecy</key> <false/> </dict> </dict> </dict> </plist>
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!