Kaltura CDN HTTPS site not recognized on iOS

Community Forums API and App Developers Support
1

Hi,

We are paying customers, but I do not have access to the management login personally to make a ticket. On iOS, the CDN domain for thumbnails does not have a valid SSL certificate configuration for iOS.

We cannot use HTTP without whitelisting your domains specifically.

See the following error.

2016-11-15 17:52:47.365826 ZLSwift[705:195099] [IceLink] DEBUG AudioUnitSink buffer underrun.
Printing description of error:
▿ Optional

  • Some : Error Domain=NSURLErrorDomain Code=-1202 “The certificate for this server is invalid. You might be connecting to a server that is pretending to be “cdnapi.kaltura.com” which could put your confidential information at risk.” UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x17410ff60>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9843, NSErrorPeerCertificateChainKey=(
    "<cert(0x10390de00) s: a248.e.akamai.net i: Symantec Class 3 ECC 256 bit SSL CA - G2>",
    "<cert(0x10390e600) s: Symantec Class 3 ECC 256 bit SSL CA - G2 i: VeriSign Class 3 Public Primary Certification Authority - G5>"
    ), NSUnderlyingError=0x17424ce40 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 “(null)” UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x17410ff60>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9843, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9843, kCFStreamPropertySSLPeerCertificates=(
    "<cert(0x10390de00) s: a248.e.akamai.net i: Symantec Class 3 ECC 256 bit SSL CA - G2>",
    "<cert(0x10390e600) s: Symantec Class 3 ECC 256 bit SSL CA - G2 i: VeriSign Class 3 Public Primary Certification Authority - G5>"
    )}}, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “cdnapi.kaltura.com” which could put your confidential information at risk., =https://cdnapi.kaltura.com/p/1846601/sp/184660100/thumbnail/entry_id/0_re13yjke, NSErrorFailingURLStringKey=https://cdnapi.kaltura.com/p/1846601/sp/184660100/thumbnail/entry_id/0_re13yjke, NSErrorClientCertificateStateKey=0}
2

Here is an example of the URL used. It works fine in the Chrome browser. Just iOS has different standards.

https://cdnapisec.kaltura.com/p/1846601/sp/184660100/thumbnail/entry_id/0_re13yjke

3

It does also work on mobile Safari. Just not on an iOS application. Changing to HTTP and whitelisting the domain causes that URL to load on NSURLSession.