Secure Transport Result Codes

Recognize result codes specific to the secure transport API.


Use the SecCopyErrorMessageString(_:_:) function to obtain a human readable string corresponding to these status codes.

The functions of the Secure Transport API may also return the general codes listed in Security Framework Result Codes.

Errors in the range of –9819 through –9840 are fatal errors that are detected by the peer.



var errSSLATSViolation: OSStatus

An App Transport Security violation occurred.

var errSSLATSMinimumVersionViolation: OSStatus

The minimum protocol version isn’t App Transport Security compliant.

var errSSLATSCiphersuiteViolation: OSStatus

The selected ciphersuite isn’t App Transport Security compliant.

var errSSLATSMinimumKeySizeViolation: OSStatus

The peer key size isn’t App Transport Security compliant.

var errSSLATSLeafCertificateHashAlgorithmViolation: OSStatus

The peer leaf certificate hash algorithm isn’t App Transport Security compliant.

var errSSLATSCertificateHashAlgorithmViolation: OSStatus

The peer certificate hash algorithm isn’t App Transport Security compliant.

var errSSLATSCertificateTrustViolation: OSStatus

The peer certificate wasn’t issued by a trusted peer.

var errSSLBadCert: OSStatus

Bad certificate format.

var errSSLBadCipherSuite: OSStatus

A bad SSL cipher suite was encountered.

var errSSLBadConfiguration: OSStatus

A configuration error occurred.

var errSSLBadRecordMac: OSStatus

A record with a bad message authentication code (MAC) was encountered.

var errSSLBufferOverflow: OSStatus

An insufficient buffer was provided.

var errSSLCertExpired: OSStatus

The certificate chain had an expired certificate.

var errSSLCertNotYetValid: OSStatus

The certificate chain had a certificate that is not yet valid.

var errSSLClientCertRequested: OSStatus

The server has requested a client certificate.

var errSSLClientHelloReceived: OSStatus

A non-fatal result for providing a server name indication.

var errSSLClosedAbort: OSStatus

The connection closed due to an error.

var errSSLClosedGraceful: OSStatus

The connection closed gracefully.

var errSSLClosedNoNotify: OSStatus

The server closed the session with no notification.

var errSSLConnectionRefused: OSStatus

The peer dropped the connection before responding.

var errSSLCrypto: OSStatus

An underlying cryptographic error was encountered.

var errSSLFatalAlert: OSStatus

A fatal alert was encountered.

var errSSLHostNameMismatch: OSStatus

The host name you connected with does not match any of the host names allowed by the certificate.

var errSSLIllegalParam: OSStatus

An illegal parameter was encountered.

var errSSLModuleAttach: OSStatus

Module attach failure.

var errSSLNegotiation: OSStatus

The cipher suite negotiation failed.

var errSSLNetworkTimeout: OSStatus

Network timeout triggered.

var errSSLNoRootCert: OSStatus

No root certificate for the certificate chain.

var errSSLPeerAuthCompleted: OSStatus

A non-fatal result indicating the peer certificate is valid, or was ignored if verification is disabled.

var errSSLPeerBadCert: OSStatus

A bad certificate was encountered.

var errSSLPeerBadRecordMac: OSStatus

A record with a bad message authentication code (MAC) was encountered.

var errSSLPeerCertExpired: OSStatus

The certificate expired.

var errSSLPeerCertRevoked: OSStatus

The certificate was revoked.

var errSSLPeerCertUnknown: OSStatus

The certificate is unknown.

var errSSLPeerDecodeError: OSStatus

A decoding error occurred.

var errSSLPeerDecryptError: OSStatus

A decryption error occurred.

var errSSLPeerExportRestriction: OSStatus

An export restriction occurred.

var errSSLPeerInsufficientSecurity: OSStatus

There is insufficient security for this operation.

var errSSLPeerInternalError: OSStatus

An internal error occurred.

var errSSLPeerNoRenegotiation: OSStatus

No renegotiation is allowed.

var errSSLPeerProtocolVersion: OSStatus

A bad protocol version was encountered.

var errSSLPeerRecordOverflow: OSStatus

A record overflow occurred.

var errSSLPeerUnexpectedMsg: OSStatus

An unexpected message was received.

var errSSLPeerUnknownCA: OSStatus

An unknown certificate authority was encountered.

var errSSLPeerUnsupportedCert: OSStatus

An unsupported certificate format was encountered.

var errSSLPeerUserCancelled: OSStatus

The user canceled the operation.

var errSSLProtocol: OSStatus

SSL protocol error.

var errSSLRecordOverflow: OSStatus

A record overflow occurred.

var errSSLSessionNotFound: OSStatus

An attempt to restore an unknown session failed.

var errSSLTransportReset: OSStatus

Transport (socket) shutdown, for example, TCP, RST, or FIN.

var errSSLUnexpectedMessage: OSStatus

Peer rejected unexpected message.

var errSSLUnknownRootCert: OSStatus

Certificate chain is valid, but root is not trusted.

var errSSLUnrecognizedName: OSStatus

Unknown or unrecognized name.

var errSSLWeakPeerEphemeralDHKey: OSStatus

Indicates a weak ephemeral dh key.

var errSSLWouldBlock: OSStatus

Function is blocked; waiting for I/O. This is not fatal.

var errSSLXCertChainInvalid: OSStatus

Invalid certificate chain.