In a previous article, we talked about an issue when you try to stream an Office 365 Videos from Azure Media Services in your application running on iOS 9.
It seems that Microsoft is actually doing some modifications on the infrastructure of the Office 365 platform, especially around the SSL certificates, because today I’m facing the same error when using the Outlook REST API.
I’m trying to call the following URL which should return the last 10 messages stored in the inbox of the authenticated user :
https://outlook.office365.com/api/v2.0/Me/MailFolders('Inbox')/Messages
But I get the following error message, which indicates there’s an issue with SSL certificates :
NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802) Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, NSUnderlyingError=0x7d96cd90 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamErrorCodeKey=-9802, _kCFStreamErrorDomainKey=3, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x7afb9d50>, kCFStreamPropertySSLPeerCertificates=<CFArray 0x7ae63490 [0xa97098]>{type = immutable, count = 2, values = ( 0 : <cert(0x7afb8570) s: outlook.com i: Microsoft IT SSL SHA1> 1 : <cert(0x7afb96d0) s: Microsoft IT SSL SHA1 i: Baltimore CyberTrust Root> )}}}, _kCFStreamErrorCodeKey=-9802, NSErrorFailingURLStringKey=https://outlook.office365.com/api/v2.0/Me/MailFolders('Inbox')/Messages, NSErrorPeerCertificateChainKey=<CFArray 0x7ae63490 [0xa97098]>{type = immutable, count = 2, values = ( 0 : <cert(0x7afb8570) s: outlook.com i: Microsoft IT SSL SHA1> 1 : <cert(0x7afb96d0) s: Microsoft IT SSL SHA1 i: Baltimore CyberTrust Root> )}, NSErrorClientCertificateStateKey=0, NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x7afb9d50>, NSErrorFailingURLKey=https://outlook.office365.com/api/v2.0/Me/MailFolders('Inbox')/Messages}
The cause of this error is still the same as explained in our previous article : App Transport Security (ATS).
To solve the issue, you need to add some lines in your Info.plist to configure ATS to ignore the SSL error.
<key>NSAppTransportSecurity</key> <dict> <key>NSExceptionDomains<key> <dict> <key>outlook.office365.com</key> <dict> <key>NSExceptionRequiresForwardSecrecy</key> <false/> </dict> </dict> </dict>
You can also edit this file using the editor in Xcode rather than manually edit the XML file :