I have an application which now needs to be deployed to the app store, as it is slowly becoming unavoidable thanks to Gatekeeper.
Only problem is that web requests seem to fail, in the sense that they aren't even being fired.
The following code snippet has been pulled from a Xamarin Bugzilla article, and succeeds when built for Release and Debug;
try
{
WebClient test = new WebClient();
Console.WriteLine("Testing SSL GET...");
string testresponse = test.DownloadString(checkFileUrl);
Console.WriteLine("testresponse = " + testresponse);
} catch (Exception e)
{
Console.WriteLine(e.Message);
Console.WriteLine(e.InnerException.Message);
}
However, when I flip over to AppStore build, with sandboxing and Network IO Entitlements, the request never gets sent out, as verified by Charles in Non-SSL decryption mode. The following gets spat out from the console;
Testing SSL GET...
Error getting response stream (Write: The authentication or decryption has failed.): SendFailure
The authentication or decryption has failed.
This seems to be the problem, as we use SOAP calls made to an IIS service to perform actions, the first of which is logging in. For Debug and Release, login works fine, as the calls are completed. Once again, the AppStore build doesn't even attempt to make contact.
Certificates are valid, and CA's installed in my keychain.
Leading up to this, I was getting some exceptions in the code (in Debug) such as;
System.Exception..ctor (message="invalid encoding specification.") in /private/tmp/source/bockbuild-mono-3.2.6/profiles/mono-mac-xamarin/build-root/mono-3.2.6/mcs/class/corlib/System/Exception.cs:81
and
System.Exception..ctor (message="Store Root doesn't exists.") in /private/tmp/source/bockbuild-mono-3.2.6/profiles/mono-mac-xamarin/build-root/mono-3.2.6/mcs/class/corlib/System/Exception.cs:81
and
System.Exception..ctor (message="Store CA doesn't exists.") in /private/tmp/source/bockbuild-mono-3.2.6/profiles/mono-mac-xamarin/build-root/mono-3.2.6/mcs/class/corlib/System/Exception.cs:81
which still leads me to believe it is a Certificate issue. The test URL is an S3 link, and the login server is an EC2 instance with valid Certificates.
Cheers.