Comments (13)
How to modify to disable certificate verification during a request?
from ziti-sdk-swift.
The simulator is running smoothly. But I run it on iPhone and take this error
Error Domain=ZitiError Code=-53 "unexpected error"
On TLS handshake error getting a negative response code (-53)
Please help
Can you send more info from the logs? You can access them via "Send Feedback", which will create an email with the logs attached. If you send the logs to help at openziti.org we'll see them.
from ziti-sdk-swift.
Certificates are required to establish the endpoint identity
from ziti-sdk-swift.
iPhone device log
[2023-06-12T02:20:18:434Z] INFO CZiti:ZitiUrlManager.swift:134 host() *-*-*-*-* https://www.xxxxx intercepting none)
[2023-06-12T02:20:18:436Z] INFO CZiti:ZitiUrlProtocol.swift:212 canInit() *-*-*-*-* is intercepting https://www.xxxxx
[2023-06-12T02:20:18:439Z] DEBUG CZiti:ZitiUrlProtocol.swift:186 init() init <CZiti.ZitiUrlProtocol: 0x282598040>, Thread: Optional("com.apple.CFNetwork.CustomProtocols")
(82986)[2023-06-12T02:20:18.440Z] DEBUG ziti-sdk:posture.c:211 ziti_send_posture_data() ztx[0] posture checks must_send set to TRUE, new_session_id[FALSE], must_send_every_time[TRUE], new_controller_instance[FALSE]
(82986)[2023-06-12T02:20:18.440Z] DEBUG ziti-sdk:connect.c:531 process_connect() conn[0.1/Connecting] starting Dial connection for service[6|service|bgzs_bgzs] with session[clis87s084vwf17cncjad6wg2]
(82986)[2023-06-12T02:20:18.440Z] DEBUG ziti-sdk:connect.c:414 ziti_connect() conn[0.1/Connecting] selected ch[ziti-edge-rt1@tls://r1.hn.rt.echa.xxx:6443] for best latency(10 ms)
(82986)[2023-06-12T02:20:18.440Z] DEBUG ziti-sdk:connect.c:301 on_channel_connected() conn[0.1/Connecting] selected ch[ziti-edge-rt1@tls://r1.hn.rt.echa.xxx:6443] status[0]
(82986)[2023-06-12T02:20:18.440Z] DEBUG ziti-sdk:channel.c:214 ziti_channel_add_receiver() ch[4] added receiver[1]
[2023-06-12T02:20:18:500Z] ERROR CZiti:ZitiUrlProtocol.swift:310 ZitiUrlProtocol() -53 str
(82986)[2023-06-12T02:20:18.500Z] DEBUG ziti-sdk:channel.c:221 ziti_channel_rem_receiver() ch[4] removed receiver[1]
(82986)[2023-06-12T02:20:18.500Z] DEBUG ziti-sdk:connect.c:169 close_conn_internal() conn[0.1/Closed] removing
(82986)[2023-06-12T02:20:18.500Z] DEBUG ziti-sdk:ziti.c:1597 grim_reaper() ztx[0] reaped 1 closed (out of 1 total) connections
2023-06-12 10:20:18.501126+0800 YCSDK_Example[82986:15835561] Task <361C30F4-7E29-47F7-A601-96492114C372>.<1> finished with error [-53] Error Domain=ZitiError Code=-53 "unexpected error" UserInfo={_NSURLErrorRelatedURLSessionTaskErrorKey=(
"LocalDataTask <361C30F4-7E29-47F7-A601-96492114C372>.<1>"
), NSLocalizedDescription=unexpected error, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <361C30F4-7E29-47F7-A601-96492114C372>.<1>}
2023-06-12 10:20:18.501630+0800 YCSDK_Example[82986:15834981] error = Error Domain=ZitiError Code=-53 "unexpected error" UserInfo={_NSURLErrorRelatedURLSessionTaskErrorKey=(
"LocalDataTask <361C30F4-7E29-47F7-A601-96492114C372>.<1>"
), NSLocalizedDescription=unexpected error, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <361C30F4-7E29-47F7-A601-96492114C372>.<1>}
from ziti-sdk-swift.
iPhone simulator log
[2023-06-12T02:20:55:432Z] INFO CZiti:ZitiUrlManager.swift:134 host() *-*-*-*-* https://www.xxxxx intercepting none)
[2023-06-12T02:20:55:433Z] INFO CZiti:ZitiUrlProtocol.swift:212 canInit() *-*-*-*-* is intercepting https://www.xxxxx
[2023-06-12T02:20:55:434Z] DEBUG CZiti:ZitiUrlProtocol.swift:186 init() init <CZiti.ZitiUrlProtocol: 0x600000bc0380>, Thread: Optional("com.apple.CFNetwork.CustomProtocols")
(66849)[2023-06-12T02:20:55.434Z] DEBUG ziti-sdk:posture.c:211 ziti_send_posture_data() ztx[0] posture checks must_send set to TRUE, new_session_id[FALSE], must_send_every_time[TRUE], new_controller_instance[FALSE]
(66849)[2023-06-12T02:20:55.434Z] DEBUG ziti-sdk:connect.c:521 process_connect() conn[0.0/Connecting] requesting 'Dial' session for service[6|service|bgzs_bgzs]
(66849)[2023-06-12T02:20:55.508Z] DEBUG ziti-sdk:ziti_ctrl.c:326 ctrl_body_cb() ctrl[c1.ctrl.echa.xxx] completed POST[/sessions] in 0.074 s
(66849)[2023-06-12T02:20:55.508Z] DEBUG ziti-sdk:connect.c:483 connect_get_net_session_cb() conn[0.0/Connecting] got session[clis89dr24vyu17cngpjwdjez] for service[6|service|bgzs_bgzs]
(66849)[2023-06-12T02:20:55.508Z] DEBUG ziti-sdk:posture.c:211 ziti_send_posture_data() ztx[0] posture checks must_send set to TRUE, new_session_id[FALSE], must_send_every_time[TRUE], new_controller_instance[FALSE]
(66849)[2023-06-12T02:20:55.508Z] DEBUG ziti-sdk:connect.c:531 process_connect() conn[0.0/Connecting] starting Dial connection for service[6|service|bgzs_bgzs] with session[clis89dr24vyu17cngpjwdjez]
(66849)[2023-06-12T02:20:55.508Z] DEBUG ziti-sdk:connect.c:414 ziti_connect() conn[0.0/Connecting] selected ch[ziti-edge-rt2@tls://r2.hn.rt.echa.xxx:6443] for best latency(7 ms)
(66849)[2023-06-12T02:20:55.508Z] DEBUG ziti-sdk:connect.c:301 on_channel_connected() conn[0.0/Connecting] selected ch[ziti-edge-rt2@tls://r2.hn.rt.echa.xxx:6443] status[0]
(66849)[2023-06-12T02:20:55.508Z] DEBUG ziti-sdk:channel.c:214 ziti_channel_add_receiver() ch[1] added receiver[0]
[2023-06-12T02:20:55:644Z] DEBUG CZiti:ZitiUrlProtocol.swift:190 deinit() deinit <CZiti.ZitiUrlProtocol: 0x600000bc0380>, Thread: Optional("ziti_uv_loop_private")
2023-06-12 10:20:55.644877+0800 YCSDK_Example[66849:15203009] responseObject = {length = 65, bytes = 0x7b227265 73756c74 436f6465 223a2230 ... 73223a74 7275657d }
from ziti-sdk-swift.
@smilindave26 Could you please show me where the modification is needed?
from ziti-sdk-swift.
A couple of things:
- log messages from the CSDK (e.g.,
process_connect()
show different line numbers when run on the device versus in the simulator. This suggests you are running different versions of software in the two logs - There should log messages when you start up indicating the version of the CSDK being used
- I don't recognize
ZitiUrlManager.swift
. Is that a file you added?
Can you tell me more about how you built the project and the application you are developing/running?
from ziti-sdk-swift.
Is this issue got resolved ? I am also facing this same error.
The issue has been resolved. I found the default CA certificate on MacOS, placed it in the project, and used this certificate in the default_tls_context parameter.
from ziti-sdk-swift.
That great, Can you share the sample code to use the certificate in default_tls_context parameter.
from ziti-sdk-swift.
@febinAirindia the CA bundle should be loaded automatically when you initialize Ziti
. Are you using https://openziti.io/ziti-sdk-swift/Classes/Ziti.html#/c:@M@CZiti@objc(cs)Ziti(im)init::name:caPool: ? You can also load from a file via https://openziti.io/ziti-sdk-swift/Classes/Ziti.html#/c:@M@CZiti@objc(cs)Ziti(im)initFromFile:
from ziti-sdk-swift.
Yes I am using Ziti from saved json file.
func runZiti(completion: @escaping (Bool, Error?)->()) { ziti = Ziti(fromFile: outFile) if let ziti = ziti { ziti.runAsync { zErr in guard zErr == nil else { print("Unable to run Ziti: \(String(describing: zErr!))") completion(false, AIError.customError(msg: "Unable to run Ziti: \(String(describing: zErr!))")) return } ZitiLog.setLogLevel(.NONE) ZitiUrlProtocol.register(ziti) DispatchQueue.main.asyncAfter(deadline: .now() + 1) { completion(true, nil) } } } else { /// handle if no ziti outfile found debugPrint("No ziti outfile found") completion(false, AIError.customError(msg: "No ziti outfile found")) } }
from ziti-sdk-swift.
zid file was created from the callback of a successful Ziti.enroll()
? Inspecting the file, you should see a czid.ca
entry in the JSON. Does it look correctly populated with series of PEM certs?
from ziti-sdk-swift.
The issue is fixed in the swift SDK release 0.30.21 - https://github.com/openziti/ziti-sdk-swift/releases/tag/0.30.21 . The problem was access to CA bundle on iOS
@Hin-D - if you have an active project that requires to secure mobile apps, we would be happy to assist.
from ziti-sdk-swift.
Related Issues (17)
- Jazzy documentation update needed
- NetFoundry info embedded in project
- [email protected] "hardcoded", I don't think I can "Build Manually" HOT 1
- README Artifactory reference is obsolete
- XCFramework, binary distribution as Swift Package
- Move API docs to github pages HOT 6
- Add sample with acync/await REST calls HOT 1
- Whether socket interception is supported HOT 4
- Deprecate CZiti-iOS.podspec and CZiti-macOS.podspec in favor of CZiti.podspec HOT 1
- some error after import CZiti.xcframework HOT 2
- How to change the TLS handshake signature algorithm? HOT 2
- Ziti Mobile Edge crashes HOT 3
- Whether to change hosts HOT 1
- initCallback is not called when first Ziti event is received
- 'ziti/ziti.h' file not found HOT 3
- crash uv_now(ts_loop) HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ziti-sdk-swift.