Solved: Fetch not working with HTTPS and self signed Cert ...

s00500 · ‎06-09-2018

Ok so I am on ios and I would like to have fetch working with a server that has a self signed cert. I added the cert itself under profiles in ios. Still when I call fetch I get "TypeError: Failed to fetch". I tested the code with a non-https server and there it is working fine. Is there anything that I am missing or is there any better way to get some error reporting ?

Thanks,

Lukas

s00500 · ‎07-01-2018

Hi John, thanks for your reply.

I retried it today and managed to get it working. To make sure other people can avoid running into that problem here is how to do it:

The certificate you install on your phone has to be a CA certificate (as you mentioned). Generate and selfsign this using openssl (If you do not know how: https://datacenteroverlords.com/2012/03/01/creating-your-own-ssl-certificate-authority/)

Generate a cert for your server and make sure it has the correct Common Name set (an ip is also valid)

And then comes the part that created the issue for me: In IOS 10.3 Apple introduced new Certificate Trust settings. After going through the process of installing and trusting the cert as a Profile (in General->Profiles) You have to go too General->About->CertificateTrustSettings. There make sure your CA cert is also trusted there.

If you follow this steps It sould work just fine! =D

(For completeness: insecure plain http requests do also work, although this is NOT advised in any case)

View best answer in original post

JonFitbit · ‎06-30-2018

I believe it's ATS on iOS which is blocking this.

With App Transport Security (ATS) fully enabled, the system requires that your app’s HTTP connections use HTTPS and that they satisfy the following security requirements: The X.509 digital server certificate must meet at least one of the following trust requirements: Issued by a certificate authority (CA) whose root certificate is incorporated into the operating system Issued by a trusted root CA and installed by the user or a system administrator.

s00500 · ‎07-01-2018

Hi John, thanks for your reply.

I retried it today and managed to get it working. To make sure other people can avoid running into that problem here is how to do it:

The certificate you install on your phone has to be a CA certificate (as you mentioned). Generate and selfsign this using openssl (If you do not know how: https://datacenteroverlords.com/2012/03/01/creating-your-own-ssl-certificate-authority/)

Generate a cert for your server and make sure it has the correct Common Name set (an ip is also valid)

And then comes the part that created the issue for me: In IOS 10.3 Apple introduced new Certificate Trust settings. After going through the process of installing and trusting the cert as a Profile (in General->Profiles) You have to go too General->About->CertificateTrustSettings. There make sure your CA cert is also trusted there.

If you follow this steps It sould work just fine! =D

(For completeness: insecure plain http requests do also work, although this is NOT advised in any case)

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

Fetch not working with HTTPS and self signed Cert in IOS

s00500

s00500

JonFitbit

s00500