iOS9 and caldav

I can get CalDav working with SSL when I don't enter a specific port on IOS9 extended configuration. This sets the SSL port for CalDav to 443, which is not standard for CalDav over SSL as we all know. However, despite this setting, the firewall still registers connects on 8443. If I change the port to the "correct" SSL port for CalDav (8443), the sync just fails. Looks like somebody hardcoded the port... However, this trick doesn't seem to work for CardDav. My CardDav doesn't connect even without SSL - which wouldn't be an option for "production level" anyway.

According to Apple Support they only support "latest versions". We happen to run an OSX Server 10.6.8 that serves all other devices not running on IOS9 just fine (iOS 6,7 and 8, as well as OSX 10.6.8, 10.9 and 10.10). One iPad mini 2 was updated to IOS9 (and 9.0.1) subsequently and stopped syncing with the server - by the way: showing no errors on the IOS9 device at all, no errors on the server, just the data never got updated any more after the update.

After having talked with Apple support for quite some time and exchanging e-mails with them it seems to me they do not see a problem with this. Because you report a completely different server (platform) with similar problems, everything points to IOS9 im my eyes - and not to my "overaged (4 years)" server, as Apple support happened to put it. So I am a bit stuck with this all new IOS9...

Please let us know when your situation changes and why/how...

Great work! This even solves the mysterious port problem in IOS9 configuration for me. I can now configure 8443 (instead of 443) and it works! Thanks! However, the problem with CardDAV remains unsolved. I also tried your helping lines in carddavd.plist, but these config params don't seem to be recognized there ("ignoring unknown configuration parameter SSL_OP_NO_TLSv1_1"... and the other one in carddavd's error.log file). Since you were so successful with CalDAV, would you have a similar great idea for CardDAV as well?

Wouldn't it make sense for Apple to provide a "switch" in the IOS9 configuration, that allows switching between the two configurations, so that the servers wouldn't need to be configured differently?

Thanks for the solution. It worked for me on my server. Still have the same issue as Flexibug regarding CardDAV.

Hi Thanks JochenPa ... this Worked for one of my 10.8.5 Servers, AND it fixed CardDav Server too!..

massee/ Flexibug , not sure why this did not fix your CardDav Service.... what version of server did you try this on?

~JB

Actually, it worked for me as well for CardDAV. When I tried first, it didn't work. Probably made a mistake with the command lines. Got it on the second try.

Server Version 10.6.8.

OSX Server 10.6.8, original Apple Calendar and Contacts servers. The solution is good for CalDav, not for my CardDav though.

IOS9 Contacts configuration reports an authentication error when not using SSL (although the same account and creds are used as with the IOS 8.4.1 clients, which work flawlessly). Manually enabling "basic" authentication (vs. MD5 digest or Kerberos) didn't help either. When using SSL, IOS9 config reports "connection using SSL impossible..." Ignoring the messages and trying to use the settings results in "data loss", i.e. the "migrated" data (from 8.4.1) disappears in contacts and cannot by re-synced using the CardDav server (the server and the server's contact groups disappear in "groups" of "all contacts"). The client appears at the firewall (edge) using the ports configured for the firewall and for the server/service, it is visible at the (software) firewall logs of the OSX Server box, but not visible in the logs of CardDav service (neither application nor error log). All other IOS clients do.

massee: what command lines are you referring to? the lines for the plist file? I cut & pasted the lines from JochenPa's post (just before the last 2 closing tags), so I doubt I have a typo in it. I really would like to know what I am missing here...

Yes Flexibug, I'm referring to the line for the .plist file. Copy and Paste and it worked after a restart of the CardDAV service.

Fascinating. Thanks for your feedback.

I restarted both services (and the server) after the change many times. And it didn't change a thing for CardDav. Are you using "all standard" on the server side e.g. ports, private/self-made SSL certificates, etc.? Do you get any errors when you use the "configuration" settings in IOS9 (i.e. change and re-change the URL or the settings on "extended" page and then "Done")? Are you using class-C IP addresses for the server directly or do you NAT and port-forward between the Internet and the server?

When the fix is working for more than one other plus even on a linux box I must be missing something here. I hope to find the reason soon...

For iCal the solution is fine for me.

Regarding contacts I added the lines above into the carddavd.plist file and it works now partly:

it only syncs when I add or update an contact on my iphone.

It seems that the iphone can't syncs manually by swiping down.

The log indicates that clearly.

I am running Mac OS 10.6.8 Server and iOS 9.0.2.

When adding accounts in iOS 9 there's a new entry in the "others" list down below CardDAV-Account or CalDAV-Account called "OS X-Serveraccount". Try using this entry when adding calendar or contacts hosted on OS X Servers. This works for us using server on 10.6 to 10.9. Seems this entry type will notice the different ports on OS X servers.

Hello,

Please, could you tell me where you add these lines in the caldav.plist ? I added these line in down of the caldav.plist file but it don't work for me. Also I think that it's important to add it in a precise line of the caldav.plist file and not anywhere ?

Thank your for your answer.