Using the nscurl tool to diagnose ATS Connection Issues
In OS X v10.11 and later, you can use the
/usr/bin/nscurltool to help diagnose connection issues due to App Transport Security.
--ats-diagnosticsoption tries to connect with the specified URL using different combinations of values for the
NSExceptionAllowsInsecureHTTPLoadskeys shown in Table 3 (Apple iOS Docs). A summary of the results is printed to the command line.
The format for the command is:
/usr/bin/nscurl --ats-diagnostics [--verbose] URL
- URL. The URL for the host. This is required.
- verbose. Specifying this option includes more information for each connection attempt including the keys and associated values used.
I used this recently to figure out issues with my Camlistore instance. I had a combination of setting up my SSL incorrectly, issues with code configuration, and Camlistore’s server not apparently using TLS.
All is figured out now though.