Comments on: Ignoring Certificate Errors on NSUrlRequest

By: Drops

Drops — Thu, 05 Jan 2012 09:41:19 +0000

synchronous calls don’t use the delegate, so it won’t work. The only way to get HTTPS work with synchronous calls is to have a valid root certificate, either because the server certificate comes from a regular provider or because you have installed your own ROOTCA on the device via Apple’s management tool.

By: Kamlesh Mallick

Kamlesh Mallick — Thu, 05 Jan 2012 07:05:38 +0000

Thanks for the blog.
I have a question.

If i use the ‘sendSynchronousRequest’ api call, and if the certificate is trusted, will this API work?

The reason i ask is we already have an app which uses ‘sendSynchronousRequest’ and a customer is having issues with https.
What kind of certificate should the customer use? Which company?
Ultimately what certificate would enable this API – sendSynchronousRequest to work?

By: Anshul

Anshul — Tue, 04 Oct 2011 14:47:34 +0000

But the drops method is also working fine. I assume that is much more easier for newbies like me to absorb( Somebody might like to elaborate on this). Anyways thanks a lot for the help.

By: NSURLConnection with Self-Signed Certificates @ Cocoanetics

NSURLConnection with Self-Signed Certificates @ Cocoanetics — Sat, 04 Dec 2010 09:43:39 +0000

[...] as to how you can prevent NSURLConnection from aborting a HTTPS GET if the certificate is invalid. At that time it seemed like the only method available was a forbidden one: allowsAnyHTTPSCertificateForHost. [...]

By: charles

charles — Tue, 24 Aug 2010 02:21:02 +0000

since apple do not allow private api calls, ghenriksen’s way works great for me, Thanks!

By: Ignoring Certificate Errors on NSUrlRequest « The Official Blog of Web X.0 Media

Sun, 10 Jan 2010 18:09:20 +0000

[...] http://www.drobnik.com/touch/2009/11/ignoring-certificate-errors-on-nsurlrequest/ « Attaching an Image of UIView to Email [...]

By: ghenriksen

ghenriksen — Sat, 09 Jan 2010 16:00:51 +0000

There is a supported API for ignoring bad certificates during NSURLConnection loads. To do so, simply add something like this to your NSURLConnection delegate:

- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {
  return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}
 
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
  if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
    if ([trustedHosts containsObject:challenge.protectionSpace.host])
      [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
 
  [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}

Note that connection:didReceiveAuthenticationChallenge: can send its message to challenge.sender (much) later, say from a delegate method of an SFCertificateTrustPanel.

By: drops

drops — Wed, 11 Nov 2009 06:00:21 +0000

Hi Marton,

for all the code that I am posting I am usually creating a new project and then put all that I am interested in into the app delegate. Then I’m looking at the output of NSLog statements. If it is free of errors and has the promised result then I copy/paste all relevant parts into pre sections to get the syntax highlighting.

So I have two problems with having download links: 1) there is no more to see that I am already showing, the rest is just a standard project. 2) if you where to take one of my sample projects and would have to go looking for which parts you need you would take more time reusing my code than by having the essentials before you and copy/pasting from there. 3) when I’m creating code that too complex for a blog post then I’m saving it for my “parts store” or MyAppSales.

Finally most of the time I’ll be using code that I thus discovered in MyAppSales and other projects like Kernseife. So if I propose category classes, most likely you can find them in one of these projects anyway. But your point is taken, if I do that the next time, I will mention from which public project you can copy the files.

By: marton.fodor

marton.fodor — Wed, 11 Nov 2009 05:50:46 +0000

Oliver, I’ve been reading your blog for a long time now, and found it very useful. I thing bothers me though. You frequently post very useful and free to use code snippets and categories, but you don’t provide download links for the source code. I know I’m just a whiney bitch, but I keep copy+pasting from your blog every day into my code repo, and a download link instead would be just so nice.