This is Xamarin's bug tracking system. For product support, please use the support links listed in your Xamarin Account.
Bug 44225 - [Cycle 8] "Error: TrustFailure (CertificateUnknown)" due to apparent reversion of Bug 41653: support for HTTPS server with virtual domains
Summary: [Cycle 8] "Error: TrustFailure (CertificateUnknown)" due to apparent reversio...
Status: VERIFIED FIXED
Alias: None
Product: iOS
Classification: Xamarin
Component: Xamarin.iOS.dll (show other bugs)
Version: XI 10.0 (iOS10)
Hardware: PC All
: High critical
Target Milestone: 10.0.1 (C8SR0)
Assignee: Sebastien Pouliot
URL:
: 42796 43794 (view as bug list)
Depends on:
Blocks:
 
Reported: 2016-09-12 19:40 UTC by Brendan Zagaeski
Modified: 2016-10-06 10:48 UTC (History)
11 users (show)

See Also:
Tags: BZRC8B4_C7SR1S1
Is this bug a regression?: Yes
Last known good build: Cycle 7 – Service Release 1


Attachments
Detailed version info (1.69 KB, text/plain)
2016-09-12 19:40 UTC, Brendan Zagaeski
Details

Description Brendan Zagaeski 2016-09-12 19:40:01 UTC
Created attachment 17429 [details]
Detailed version info

[Cycle 8] "Error: TrustFailure (CertificateUnknown)" due to apparent reversion of Bug 41653: support for HTTPS server with virtual domains




## Regression status: apparent reversion in Cycle 8 of fix from Cycle 7 SR 1

BAD:  Xamarin.iOS 10.0.0.4  (xcode8: d1ee3ba)     + Xcode 8.0 GM, Build version 8A218a
BAD:  Xamarin.iOS 10.0.0.4  (xcode8: d1ee3ba)     + Xcode 8.0 Beta 6, Build version 8S201h
GOOD: Xamarin.iOS 9.8.2.22  (cycle7-sr1: f37444a) + Xcode 7.3, Build version 7D175
BAD:  Xamarin.iOS 9.8.1.4   (c7sr0: 3cf8aae)      + Xcode 7.3, Build version 7D175




## Steps to replicate

1. Download the test case from Bug 41653, Comment 0.  (By luck, the user-provided endpoint from that report is still active.)

2. Build and run the "TlsExceptionTest.iOS" project.  I tested on simulator.  (Note: It is important for the Xamarin linker to be disabled, at least when testing on simulator.  Otherwise you will get an unrelated "Operation is not valid due to the current state of the object." error.)

3. Press the "Run test" button.




## BAD result on Xamarin.iOS 10 (Cycle 8)

The following error message is displayed below the "Run test" button:

> An error occurred while sending the request.
> Error: TrustFailure (CertificateUnkown)
> CertificateUnknown



## GOOD result on Xamarin.iOS 9.8 (Cycle 7 SR 1)

The following result is displayed below the "Run test" button:

> ["value1","value2"]




## Additional version info (brief)

Mono 4.6.0 (mono-4.6.0-branch/dea2155)
Mac OS X 10.11.6
Comment 1 Sebastien Pouliot 2016-09-12 20:04:55 UTC
The original fix not applied to master first (but directly to the `cycle7` release branch) so it was not part of cycle8 when branching was made :-(
Comment 2 Sebastien Pouliot 2016-09-13 01:47:04 UTC
*** Bug 42796 has been marked as a duplicate of this bug. ***
Comment 3 Sebastien Pouliot 2016-09-13 01:48:09 UTC
PS (master) https://github.com/xamarin/xamarin-macios/pull/815
Comment 5 Sebastien Pouliot 2016-09-13 14:02:31 UTC
*** Bug 43794 has been marked as a duplicate of this bug. ***
Comment 6 Mohit Kheterpal 2016-09-15 11:34:47 UTC
I have checked this issue with latest build of master xamarin.ios-10.1.0.23_1da975dbf468bf0e1a22e74c1f613db1ab525cc5 and observed that this issue has been fixed as I am getting expected output when I run test project on simulator and click on Run test

Screencast : http://www.screencast.com/t/hXhhNO6hZG


Hence closing this issue by marking it as Verified fixed.

thanks
Comment 7 Sebastien Pouliot 2016-09-16 17:35:24 UTC
cherry-picked in xcode8 5540514a5179ab32eafaaac5e212518f2b2f97da

cherry picked in cycle8-sr0-xi 94c1f66036ec5c4364ebcf3a7a45c94c14f42c0f
Comment 8 Saurabh 2016-09-19 09:46:53 UTC
I have checked this issue with latest C8SR0 build (XI 10.0.1.5) and observed that this issue working fine. I am getting expected output when I run test project on simulator and click on Run test.

http://www.screencast.com/t/P0w1U3zFHR

Environment Info: https://gist.github.com/tajinder360/4f14bec9ae07ef61e7df19f373c12e77
Comment 11 Brendan Zagaeski 2016-09-23 22:15:03 UTC
## Top of the stack trace for the exception related to this bug, just for more detailed bookkeeping reference

> Unhandled Exception:
> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: Error: TrustFailure (CertificateUnknown) ---> Mono.Security.Interface.TlsException: CertificateUnknown
>   at Mono.Net.Security.MobileAuthenticatedStream.ProcessAuthentication (System.Net.LazyAsyncResult lazyResult) [0x00077] in /Users/builder/data/lanes/3426/6c3fee4d/source/xamarin-macios/_ios-build/Library/Frameworks/Xamarin.iOS.framework/Versions/git/src/mono/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:217 
>   at Mono.Net.Security.MobileAuthenticatedStream.AuthenticateAsClient (System.String targetHost, System.Security.Cryptography.X509Certificates.X509CertificateCollection clientCertificates, System.Security.Authentication.SslProtocols enabledSslProtocols, System.Boolean checkCertificateRevocation) [0x0000c] in /Users/builder/data/lanes/3426/6c3fee4d/source/xamarin-macios/_ios-build/Library/Frameworks/Xamarin.iOS.framework/Versions/git/src/mono/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:125 
>   at Mono.Net.Security.Private.MonoSslStreamWrapper.AuthenticateAsClient (System.String targetHost, System.Security.Cryptography.X509Certificates.X509CertificateCollection clientCertificates, System.Security.Authentication.SslProtocols enabledSslProtocols, System.Boolean checkCertificateRevocation) [0x00000] in /Users/builder/data/lanes/3426/6c3fee4d/source/xamarin-macios/_ios-build/Library/Frameworks/Xamarin.iOS.framework/Versions/git/src/mono/mcs/class/System/Mono.Net.Security/MonoSslStreamWrapper.cs:75 
>   at Mono.Net.Security.MonoTlsStream.CreateStream (System.Byte[] buffer) [0x0001e] in /Users/builder/data/lanes/3426/6c3fee4d/source/xamarin-macios/_ios-build/Library/Frameworks/Xamarin.iOS.framework/Versions/git/src/mono/mcs/class/System/Mono.Net.Security/MonoTlsStream.cs:99
Comment 12 Nathan Stryker 2016-10-03 18:46:58 UTC
Hi All - 

I know this bug is marked as resolved but I am still experiencing it. I have downloaded the new version of Xamarin iOS from the beta channel, tried rolling Mono back to previous working versions, but nothing is working. How can I get some support with this issue ?
Comment 13 Brendan Zagaeski 2016-10-03 18:54:44 UTC
@Nathan I suspect you might be hitting Bug 44708.  If not, please file a new bug report (optionally marked private) with as many details [1] as possible (ideally including a test case with an endpoint).


(In case it's helpful to know, new bug reports are encouraged by default because comments on "verified fixed" bugs aren't as visible to the engineering team for prioritization as new bug reports.  Thanks much!)
Comment 15 Nathan Stryker 2016-10-03 19:53:06 UTC
Thanks Brendan - 

I think your right that maybe the bug I'm experiencing.

Note You need to log in before you can comment on or make changes to this bug.