Reply to NSURLErrorDomain Code=-1003 ... again!
@DTS Engineer You have a good memory. Yes, I had similar problems with my previous MBP setup, however with your help we did manage to get it working.

This time I tried over and over to drop the certificate on the simulator, and when I checked the Settings the trusted certificate appeared to be in place. However, when I tried it I continued to get this error.

I might give the macOS beta a try over the weekend. Testing with a real device takes so much longer, having to commit and push code to external servers. It's a painful workaround.

Cheers
Murray
2d
Reply to NSURLErrorDomain: -1003 Error
It's now 2025, I'm using the latest Xcode, the latest Simulator, the latest everything. My code is not referencing NSURL (afaik) yet still...

    let task = URLSession.shared.dataTask(with: urlRequest)

And getting a message NSURLErrorDomain Code=-1003

Have the error messages been updated?
1w
Reply to SWIFT: server certificate does NOT include an ID which matches the server name
The final solution:

This site was helpful: https://blog.arrogantrabbit.com/ssl/Root-CA-macOS/

Create a Certificate for our local development

- Using the Certificate Assistant to first create a Root CA for the computer "Jacaranda" (store in "System")
- Using the Certificate Assistant to create a leaf Certificate for the domain xpedite.local (store in "Login")
- Trust the certificate authority.
- Export the certificate authority to local-cert using the .cer format. I'm creating Jacaranda.cer
- We can drag and drop this RootCA .cer file onto the simulator to install it. Inside the simulator you can check in Settings | General | About | Certificate Trust Settings to ensure it has been installed.
- Export the leaf certificate to local-cert using the .cer format. I'm creating xpedite.local.cer. You will be prompted for a password, I'm using '***********'
- Export the leaf key to local-cert using the .p12 format. I'm creating xpedite.local.p12. You will be prompted for a password, I'm using '***********'
- Run the commands:

      openssl x509 -inform der -in xpedite.local.cer -out xpedite.local.crt
      openssl pkcs12 -in xpedite.local.p12 -out xpedite.local.key -nodes -legacy

- Check the file names in the apache2/extra/httpd-vhosts.conf
- And then restart apache:

      sudo apachectl restart

Seems simple enough.... 😄

And a big thank you to Quinn - couldn't have done it without you!
Topic: Privacy & Security SubTopic: General Tags:
Sep ’24
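The two conditions this thread is about, checked with openssl, as an added example that is not part of the original post: the leaf must chain to the root CA, and it must carry a name that matches the server. The helper names `make_test_pki` and `check_leaf` are hypothetical, and the CA and leaf are constructed with throwaway keys.

```shell
# make_test_pki DIR HOST: build a throwaway root CA and a leaf for HOST in DIR.
make_test_pki() {
  dir=$1; host=$2
  cat > "$dir/ca.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Constructed Test Root
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF
  cat > "$dir/leaf.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
[dn]
CN = $host
[v3_leaf]
subjectAltName = DNS:$host
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -days 2 -config "$dir/ca.cnf" \
    -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null &&
  openssl req -new -newkey rsa:2048 -nodes -config "$dir/leaf.cnf" \
    -keyout "$dir/leaf.key" -out "$dir/leaf.csr" 2>/dev/null &&
  openssl x509 -req -in "$dir/leaf.csr" -CA "$dir/ca.pem" -CAkey "$dir/ca.key" \
    -CAcreateserial -days 2 -extfile "$dir/leaf.cnf" -extensions v3_leaf \
    -out "$dir/leaf.pem" 2>/dev/null
}

# check_leaf CA_PEM LEAF_PEM HOST: prints OK, CHAIN_FAIL or NAME_MISMATCH.
check_leaf() {
  # 1. Does the leaf's signature chain to this root?
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1 || { echo CHAIN_FAIL; return 1; }
  # 2. Does the leaf carry a name matching the host the client connects to?
  openssl x509 -in "$2" -noout -checkhost "$3" | grep -q 'does match' \
    || { echo NAME_MISMATCH; return 2; }
  echo OK
}

# Demo on constructed certificates (throwaway keys in a temp directory).
tmp=$(mktemp -d)
make_test_pki "$tmp" xpedite.local
check_leaf "$tmp/ca.pem" "$tmp/leaf.pem" xpedite.local
check_leaf "$tmp/ca.pem" "$tmp/leaf.pem" www.xpedite.local || true
```

To run the same checks on real files, pass `check_leaf` PEM copies of the exported root and leaf, converted with the `openssl x509 -inform der` command from the post.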
Reply to SWIFT: server certificate does NOT include an ID which matches the server name
Hi Quinn

Why does every step have to be another problem????? Sorry, getting a bit frustrated with this process.

    murraycollingwood@192-168-1-17 local-cert % openssl pkcs12 -info -in Jacaranda.p12 -nokeys
    Enter Import Password:
    MAC: sha1, Iteration 1
    MAC length: 20, salt length: 8
    PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048
    Error outputting keys and certificates
    80A0ECE301000000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:355:Global default library context, Algorithm (RC2-40-CBC : 0), Properties ()

I also tried specifying the output but that didn't help either:

    murraycollingwood@192-168-1-17 local-cert % openssl pkcs12 -info -in Jacaranda.p12 -nokeys -out Jacaranda.pem
    Enter Import Password:
    MAC: sha1, Iteration 1
    MAC length: 20, salt length: 8
    PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048
    Error outputting keys and certificates
    80A0ECE301000000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:355:Global default library context, Algorithm (RC2-40-CBC : 0), Properties ()

No PEM file is being generated.

What can I try next?

Cheers
Murray
Topic: Privacy & Security SubTopic: General Tags:
Sep ’24
Reply to SWIFT: server certificate does NOT include an ID which matches the server name
Hi Quinn

This is easy because the website supplies the specific .DER file required. I tried a few ideas to create a .DER key but they didn't work. (From my reading the .DER file is a binary format of the public key - not the certificate, however the definition is irrelevant, we just need to generate the file).

I went back to the Certificate Assistant and looked for options to create a .DER format of the public key, the private key, the certificate, anything actually, and there is no such option.

I did find some openssl commands that would output a .DER file, but none of those options were successful. Generally when I dropped them on the Simulator an error appeared "Profile error".

So how do I generate a .DER file from my test environment Root CA, that will load into the Simulator?

Cheers
Murray
Topic: Privacy & Security SubTopic: General Tags:
Sep ’24
Reply to SWIFT: server certificate does NOT include an ID which matches the server name
Hi Quinn

Sorry - your response never appeared after my 27 Aug post, but then again I didn't see the "Page 1 of 2". When I checked the next page I can now see it.

So I dragged my CA root certificate (JacarandaCA.p12) to the simulator (iPhone 15 pro) and a dialog popped up about downloading something from somewhere (it didn't say anything about certificates) - I said yes. Then Safari started on the Simulator and it went to this page https://support.apple.com/en-us/103272 ... no idea why it went there...

I then reran my mobile app and got the same error. -9807

    Contact URL = https://xpedite.local/rx/rx.php
    Connection 1: default TLS Trust evaluation failed(-9807)
    Connection 1: TLS Trust encountered error 3:-9807
    Connection 1: encountered error(3:-9807)
    Task <34F622E9-8ED6-4562-A5D7-ADBA73B30CE0>.<1> HTTP load failed, 0/0 bytes (error code: -1202 [3:-9807])
    Task <34F622E9-8ED6-4562-A5D7-ADBA73B30CE0>.<1> finished with error [-1202] Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “xpedite.local” which could put your confidential information at risk." UserInfo={NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=( "<cert(0x10684ca00) s: xpedite.local i: Jacaranda>" ), NSErrorClientCertificateStateKey=0, NSErrorFailingURLKey=https://xpedite.local/rx/rx.php, NSErrorFailingURLStringKey=https://xpedite.local/rx/rx.php, NSUnderlyingError=0x600000c58db0 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x600003301180>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9807, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9807, kCFStreamPropertySSLPeerCertificates=( "<cert(0x10684ca00) s: xpedite.local i: Jacaranda>" )}}, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <34F622E9-8ED6-4562-A5D7-ADBA73B30CE0>.<1>" ), _kCFStreamErrorCodeKey=-9807, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <34F622E9-8ED6-4562-A5D7-ADBA73B30CE0>.<1>, NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x600003301180>, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “xpedite.local” which could put your confidential information at risk.}

I'm assuming that my CA root certificate has not loaded (or is not trusted).

When I drop the CA root (.p12) on the simulator what is supposed to happen? In all my googling I've never seen any documentation (screen shots) of what should happen when I do this.

Cheers
Murray
Topic: Privacy & Security SubTopic: General Tags:
Aug ’24
Reply to SWIFT: server certificate does NOT include an ID which matches the server name
@DTS Engineer

Hi Quinn

Wow - it's been 4 weeks since I started this thread and I'm still struggling.

Previously I was getting error -9813 - couldn't find the Root CA. So I decided to move it from the "Login" area to the "System" area based on this article: https://blog.arrogantrabbit.com/ssl/Root-CA-macOS/

I deleted all of the Root CAs and certificates previously created. I then followed these instructions to create them again. This time the Root CA was in the "System" area, while the SSL server certificate was left in the "Login" area.

With the certificates in place and the web server restarted, I checked it first with Safari, and the certificates worked fine. Clearly we can see the SSL server certificate (xpedite.local) issued by the Root CA (Jacaranda). The Root CA is "Always trusted".

When I run my Swift mobile app in the simulator however, I'm getting this error:

    Connection 1: default TLS Trust evaluation failed(-9807)
    Connection 1: TLS Trust encountered error 3:-9807
    Connection 1: encountered error(3:-9807)

-9807 indicates "errSSLXCertChainInvalid"

I can't see any error with the Chain. Surely the chain is the link from the certificate to the issuer - but there doesn't appear to be any issue with this.

Should I create the SSL server certificate in the "System" area also?

Can you suggest anything else I can try to get this working please? It really is holding up all my work on this project.

Cheers
Murray
Topic: Privacy & Security SubTopic: General Tags:
Aug ’24
Reply to SWIFT: server certificate does NOT include an ID which matches the server name
Hi Quinn

Sorry for the break - I've been on holiday.

So I went through all 137 steps using the Certificate Assistant to create the Root CA and then the SSL server certificate for my domain (xpedite.local). I was very careful to follow the instructions to the letter.

I converted both certificates to Base64, appended the RootCA to the xpedite.crt and added the crt and key to my vhosts file.

Browsing to the website didn't work. I then used the KeyChain to "Always trust" the Root CA (this didn't happen by default, and the images from the article showed the same issue all the way through). Browsing to the website now works.

Using my Swift app (in the simulator) still fails with the same error (below).

    Connection 1: default TLS Trust evaluation failed(-9813)
    Connection 1: TLS Trust encountered error 3:-9813
    Connection 1: encountered error(3:-9813)
    Task <01D12F73-55BB-4C12-8FD6-3510D284C9FF>.<1> HTTP load failed, 0/0 bytes (error code: -1202 [3:-9813])
    Task <01D12F73-55BB-4C12-8FD6-3510D284C9FF>.<1> finished with error [-1202] Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “xpedite.local” which could put your confidential information at risk." UserInfo={NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=( "<cert(0x102832400) s: Xpedite Software i: JacarandaCA2>", "<cert(0x102832c00) s: JacarandaCA2 i: JacarandaCA2>"

I haven't really made any progress. Hoping you can help me get over this very annoying hurdle.

Cheers
Murray
Topic: Privacy & Security SubTopic: General Tags:
Aug ’24