iOS 8.4 CFNetwork SSLHandshake Error (-9850)
My code for the SSL handshake has been failing since I updated Xcode to 6.4 (and the simulator to iOS 8.4).
Error: CFNetwork SSLHandshake failed (-9850)
The same code completes the SSL handshake successfully on the iOS 8.3 simulator (I also tried the iOS 8.3 simulator from Xcode 6.4 and it works fine).
Here is the piece of code that connects and starts the handshake. I am using Swift.
self.socket.startTLS([kCFStreamSSLLevel: kCFStreamSocketSecurityLevelTLSv1,
                      kCFStreamSSLValidatesCertificateChain: kCFBooleanFalse])
I've been trying to figure this out all day and I couldn't even find out what the -9850 error code means. It is not listed with all the other codes in the SecureTransport.h file.
Update 1:
I found out that Apple added App Transport Security (ATS), which lets you declare the domains you want to connect to securely. I tried with ATS anyway, but without any success. Error -9850 is still causing problems.
Update 2 - Solution
As Michal and Steven suggested in their answers, my suspicion that the main problem was on the server side turned out to be true.
I talked to the person who implemented the server, and all the problems went away after he issued new 2048-bit SSL certificates. Before that they were 512-bit.
With the new certificates, the code on my side works fine.
-9850 appears in the SecureTransport.h header hidden inside the iOS 9 SDK:
errSSLWeakPeerEphemeralDHKey = -9850, /* weak ephemeral dh key */
It looks like Michal is on the right track. A more general search for this issue led me to http://www.chromium.org/administrators/err_ssl_weak_server_ephemeral_dh_key :
As of Chrome 45, this error message is triggered if an SSL / TLS handshake attempts to use a public key less than 1024 bits for an ephemeral Diffie-Hellman key agreement.
I'm not saying that iOS 9 has the same requirements as Chrome, but I would start looking into the server configuration and if you can increase the key size it uses to validate SSL.
I believe it has something to do with coreTLS:
Description: coreTLS accepts short ephemeral Diffie-Hellman (DH) keys used in ephemeral DH cipher suites. This issue, also known as Logjam, allowed an attacker with a privileged network position to downgrade security to 512-bit DH if the server supported the ephemeral DH export cipher suite. The issue was addressed by increasing the default minimum size allowed for ephemeral DH keys to 768 bits.
From what I can tell from your code, I think you are using GCDAsyncSocket. It was updated 10 months ago, so it definitely doesn't reflect this issue.
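The size check the two answers describe, as an added example that is not from the question, the answers, GCDAsyncSocket or Apple's coreTLS: it parses the ServerDHParams at the start of a TLS ServerKeyExchange body (RFC 5246 section 7.4.3) and classifies the DH modulus against the thresholds cited on this page (512-bit export/Logjam, the 768-bit iOS 8.4 minimum, the 1024-bit Chrome 45 minimum). The sample messages are constructed inside the block, and treating "fewer than 768 bits" as the failing condition is my reading of the advisory, not coreTLS's actual code.

```python
import struct

# Ephemeral DH modulus sizes (bits) cited on this page.
EXPORT_DH_BITS = 512          # Logjam downgrade target
IOS_84_MIN_DH_BITS = 768      # coreTLS minimum after the iOS 8.4 fix (assumed: < 768 fails)
CHROME_45_MIN_DH_BITS = 1024  # Chrome 45 ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY threshold


def parse_server_dh_params(body: bytes) -> dict:
    """Parse ServerDHParams from the start of a ServerKeyExchange body:
    dh_p, dh_g, dh_Ys, each a 2-byte big-endian length followed by the value.
    Any signature bytes after dh_Ys are ignored."""
    fields, off = {}, 0
    for name in ("dh_p", "dh_g", "dh_Ys"):
        if off + 2 > len(body):
            raise ValueError(f"truncated before {name} length")
        (length,) = struct.unpack_from("!H", body, off)
        off += 2
        if length == 0 or off + length > len(body):
            raise ValueError(f"bad {name} length {length}")
        fields[name] = body[off:off + length]
        off += length
    return fields


def dh_modulus_bits(dh_p: bytes) -> int:
    """Effective size of p; leading zero padding bytes do not count."""
    return int.from_bytes(dh_p, "big").bit_length()


def classify_server_key_exchange(body: bytes) -> str:
    """Map the DH modulus size to the outcomes described in the answers."""
    bits = dh_modulus_bits(parse_server_dh_params(body)["dh_p"])
    if bits <= EXPORT_DH_BITS:
        return "export-grade DH (Logjam-class)"
    if bits < IOS_84_MIN_DH_BITS:
        return "rejected by iOS 8.4 coreTLS (errSSLWeakPeerEphemeralDHKey, -9850)"
    if bits < CHROME_45_MIN_DH_BITS:
        return "accepted by iOS 8.4, rejected by Chrome 45"
    return "ok for both"


def constructed_server_key_exchange(p_bits: int, pad: int = 0) -> bytes:
    """Constructed sample message (not a real capture): p has its top bit set
    so it is exactly p_bits long, g = 2, Ys is a dummy value; 'pad' leading
    zero bytes are prepended to p to show that padding is not counted."""
    p = (1 << (p_bits - 1)) | 1
    p_bytes = b"\x00" * pad + p.to_bytes(p_bits // 8, "big")
    g, ys = b"\x02", b"\x01" * (p_bits // 8)
    return b"".join(struct.pack("!H", len(v)) + v for v in (p_bytes, g, ys))
```

Against a live server the same numbers are visible in the "Server Temp Key" line of `openssl s_client -cipher DHE -connect host:443`, which is the quickest way to confirm the fix the question's Update 2 describes.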