I was able to connect to a public wss using tls like this:
let port = 443
let url = URL(string: "wss://echo.websocket.org")!
connection = NWConnection(host: NWEndpoint.Host.name(url.host!, nil), port: NWEndpoint.Port(rawValue: UInt16(port))!, using: .tls)
Now I'm trying to connect to a wss websocket in a private network and I'm getting some errors. This is my code:
let port = 8443
let url = URL(string: "wss://ip_address:8443/gs-guide-websocket/websocket")!
connection = NWConnection(host: NWEndpoint.Host.name(url.host!, nil), port: NWEndpoint.Port(rawValue: UInt16(port))!, using: .tls)
And these are the errors:
[BoringSSL] boringssl_context_alert_callback_handler(3747) [C1.1:1][0x7fe945708390] Alert level: fatal, description: certificate unknown
[BoringSSL] boringssl_context_error_print(3699) boringssl ctx 0x600001ec9500: 140639868076392:error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED:/BuildRoot/Library/Caches/com.apple.xbs/Sources/boringssl_Sim/boringssl-109.202.1/ssl/handshake.cc:372:
[BoringSSL] boringssl_context_get_error_code(3519) [C1.1:1][0x7fe945708390] SSL_AD_CERTIFICATE_UNKNOWN
Client failed with error: -9808: Optional(bad certificate format)
Do I need to add special options to connect here?
Also, I saw that the wss works because I'm able to connect with SocketRocket, but I want to connect with NWConnection
Thanks.
Solution was to install the certificate that I had on the server and then enable full trust to that certificate in Settings > General > About > Certificate Trust Settings