mTLS failed network is intercepted by appTransportSecurity layer when backend returns 4XX

Recently my app, published on the App Store, has been facing some issues after I implemented Cloudflare and mTLS to enhance security. Before that, when the API failed, I could receive HTTP error codes such as 403, 401, etc. But after mTLS was activated, all those failed HTTP calls are blocked by the AppTransportSecurity layer, and I can only receive 999 and the error message "URLSessionTask failed with error: The server "***.***.com" requires a client certificate." I have read through the Apple documentation; it says Apple introduced this security layer by default to ensure network security without known weaknesses: https://developer.apple.com/library/archive/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW35 Has anyone come across a similar issue before?

It’s very unlikely that App Transport Security (ATS) is involved here. ATS is primarily concerned with the nature of the TLS connection supported by the server — the TLS version, the server’s certificate, and so on — and that doesn’t change if you switch to mTLS authentication.

i can only receive 999

Is that actually 999? Or -999? The latter is NSURLErrorCancelled, which means that someone has cancelled the task on the client side. Given that you just enabled mTLS, that’s most likely because of a problem with your authentication challenge handling. What does that look like?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
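
The kind of authentication challenge handling the reply asks about, as an added example (not code from the original poster or from Apple's reply): a session delegate that answers only the client-certificate challenge and leaves every other challenge to default handling, plus a helper that separates the two error codes in play. The names `ClientCertificateDelegate` and `describe(_:)` are hypothetical, and the `SecIdentity` is assumed to have been loaded already (for example from the keychain).

```swift
import Foundation
import Security

// Hypothetical delegate; `identity` is assumed to be loaded elsewhere.
final class ClientCertificateDelegate: NSObject, URLSessionDelegate {
    private let identity: SecIdentity?

    init(identity: SecIdentity?) {
        self.identity = identity
    }

    func urlSession(_ session: URLSession,
                    didReceive challenge: URLAuthenticationChallenge,
                    completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
        switch challenge.protectionSpace.authenticationMethod {
        case NSURLAuthenticationMethodClientCertificate:
            guard let identity = identity else {
                // No identity to offer. Calling .cancelAuthenticationChallenge here
                // would fail the task with NSURLErrorCancelled (-999) instead.
                completionHandler(.performDefaultHandling, nil)
                return
            }
            let credential = URLCredential(identity: identity,
                                           certificates: nil,
                                           persistence: .forSession)
            completionHandler(.useCredential, credential)
        default:
            // Server trust and all other challenges: keep the system's default
            // evaluation rather than cancelling or overriding it.
            completionHandler(.performDefaultHandling, nil)
        }
    }
}

// Hypothetical helper: tells a client-side cancellation apart from a server
// that demanded a certificate the client never supplied.
func describe(_ error: Error) -> String {
    let nsError = error as NSError
    guard nsError.domain == NSURLErrorDomain else { return "non-URL error: \(nsError)" }
    switch nsError.code {
    case NSURLErrorCancelled:                  // -999
        return "task cancelled on the client (check challenge handling)"
    case NSURLErrorClientCertificateRequired:  // -1206
        return "server requires a client certificate; none was presented"
    default:
        return "URL error \(nsError.code)"
    }
}
```

Pass the delegate when creating the session with `URLSession(configuration:delegate:delegateQueue:)`; HTTP statuses such as 401 and 403 only become visible in the `HTTPURLResponse` once the TLS handshake, including the client-certificate step, has succeeded.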
