Step 1

This is where customers help other customers. Find useful information in existing discussions or ask your questions.


Forward

Step 2

You can discover and actively shape the digital services of SBB here.


Back Forward

Step 3

You will find tips and tricks about train travel here.


Back Forward

Step 4

You will see the latest posts from all areas of the Community here.


Back End tour

Error XVA-1200

Traveller

Hello, I opened my SBB app this morning and the error XVA 1200 appeared

any ideas how to troubleshoot that problem ?

 

Best Regards 

 

Philipp


Accepted Solutions

Re: Error XVA-1200

Traveller

I wrote a quick tutorial here: https://github.com/jankais3r/SBB-XVA-1200


All Replies

Re: Error XVA-1200

Moderator
0 Likes

Hi @pschwabedal 

Thank you for your request.

Did you also receive this error message today? If this is the case, please contact the specialists directly (ticketshop@sbb.ch)
My colleagues will be able to help you.

Best regards
NicolasK

Re: Error XVA-1200

New Member
0 Likes

Sehr geehrter Herr NicolasK,

 

ich habe das selbe Problem. Allerdings weis ich auch was das Problem an der ganzen Sache ist. Denn mit dem neuen Software Update (IOS 13 Beta 1&2 bis jetzt) vertraut Apple gewissen SLL Zertifikaten nicht mehr (welche genau müssten Sie nachschauen). Durch dies wird das Anzeigen von Zugverbindungen in der App unmöglich, da die App keine Verbindung zum Server aufbauen kann.

Bitte lösen Sie dieses Problem so schnell wie möglich, da ich stark auf die App angewiesen bin..

 

Mit Freundlichen Grüssen,

Xeno Wyss

Re: Error XVA-1200

New Member
0 Likes
@WyssX 
SLL Problem beschreibung:

"The problem might originate from server cert used by SBB if it is signed with SHA-1.

SHA-1 has been considered insecure since at least 2005 and Apple does not trust such certificates anymore with iOS 13 / macOS 10.15 (https://support.apple.com/en-us/HT210176)"
Highlighted

Re: Error XVA-1200

Moderator
0 Likes

Hello @WyssX 

Thank you for your request.

Currently, iOS13 only exists in beta version.

As a result, bugs can indeed be found. As soon as the operating system is verified and officially launched, our SBB Mobile application will work without any problems.

We thank you for your patience and wish you a nice afternoon.

Best regards,
JulieL

 

Re: Error XVA-1200

Traveller

SBB is pinning a CA thats not trusted otherwise by Apple in their App. If you manually add SBB's CA to your iOS devices trust store the app will continue to work.

Note 1: You must also consider, that adding this CA to your device will whiteliste all servers signed by SBB for all communication originating from your device.

Note 2: Pinning an otherwise not trusted CA is by no means bad practice on SBB's side. If our (entire internet) current system with hundreds of CA is trustworthy or not is beeing debated for a long time. SBB limits the attack space by pinning a Single CA. As long as they keep the private key of this particular CA safe they have a secure implementation.

Re: Error XVA-1200

Traveller
0 Likes

How do you proceed to this ? 

Re: Error XVA-1200

Traveller
0 Likes

Installing Custom CAs is described at many locations on the internet. eg:

https://support.securly.com/hc/en-us/articles/206978437-How-to-deploy-Securly-SSL-certificate-to-iOS...

Now to the question about obtaining the CA certificate: you can obtain it from SBBs server using OpenSSL CLI:

s_client -showcerts -connect p1.sbbmobile.ch:443

If this info is not sufficient you are not a developer and should not be in possession of a closed beta.

Re: Error XVA-1200

Traveller
0 Likes

I am maybe not as much at ease than you in SSL certification and I maybe only Ron beta on my secondary device for a reason...

I asked for hero, is it possible for you to explain to me how to do it woithput me getting in trouble by you

do I have to do it via the dereloper website ?

via keychain access on Mac?

any other suggestions ? 

thank you very much for helping out,

best regards ++

Re: Error XVA-1200

Traveller

I wrote a quick tutorial here: https://github.com/jankais3r/SBB-XVA-1200