Accepted answer

The workaround for now is to add this to your Info.plist:


<key>NSAppTransportSecurity</key>

<dict>

   <key>NSAllowsArbitraryLoads</key>

   <true/>

</dict>

NSURLConnection is deprecated and you need to use NSURLSession:

NSURL *URL = [NSURL URLWithString:@"http://example.com"];
NSURLRequest *request = [NSURLRequest requestWithURL:URL];

[NSURLConnection sendAsynchronousRequest:request
                                queue:[NSOperationQueue mainQueue]
                    completionHandler:^(NSURLResponse *response, NSData  *data, NSError *error) {
 // ... 
}];

converted to:

NSURL *URL = [NSURL URLWithString:@"http://example.com"];
NSURLRequest *request = [NSURLRequest requestWithURL:URL];

NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionDataTask *task = [session dataTaskWithRequest:request
                                     completionHandler:
 ^(NSData *data, NSURLResponse *response, NSError *error) {
     // ...
  }];

[task resume];
  1. Also included in Info.plist see documentation:

Info.plist reference

<key>NSAppTransportSecurity</key>
<dict>
  <key>NSExceptionDomains</key>
  <dict>
  <key>yourdomain.net</key>
  <dict>
  <key>NSIncludesSubdomains</key>
  <true/>
  <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
  <true/>
  <key>NSTemporaryExceptionMinimumTLSVersion</key>
  <string>1.2</string>
  <key>NSTemporaryExceptionRequiresForwardSecrecy</key>
  <false/>
  </dict>
  </dict>
</dict>
  1. And ultimately

Announcement: CFNetwork SSLHandshake failed (-9824) while integrating Login with Amazon SDK for iOS Back to Category Back to Category

Latest version of OS X require TLSv1.2 SSL in the host server and hence the SSL fails. You can set exceptions in your info.plist file.

<key>NSAppTransportSecurity</key>
<dict>
  <key>NSExceptionDomains</key>
  <dict>
    <key>BrazilServer.com</key>
    <dict>
      <key>NSIncludesSubdomains</key>
      <true/>
      <key>NSExceptionMinimumTLSVersion</key>
      <string>TLSv1.1</string>
    </dict>
  </dict>
</dict>

Also NSURLConnection is deprecated and you should switch to NSURLSession instead, as there are bugs with handling the exceptions in the info.plist and NSURLConnection.

Should you want to get more info about the error you can set the CFNETWORK_DIAGNOSTICS environment variable under the schema setting to 1, and the log will produce more exact results of what is happening during the SSL handshake.

Take special note of the "NSTemporaryExceptionRequiresForwardSecrecy" flag. It needs to be turned OFF.

<key>NSAppTransportSecurity</key> <dict> <key>NSExceptionDomains</key> <dict> <key>YOUR_HOST.COM</key> <dict> <key>NSIncludesSubdomains</key> <true/> <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key> <true/> <key>NSTemporaryExceptionMinimumTLSVersion</key> <string>1.0</string> <key>NSTemporaryExceptionRequiresForwardSecrecy</key> <false/> </dict> </dict> </dict>