Sorry please read last statement as "but it does not ask....." Thanks, Palav
On Mon, May 19, 2008 at 8:49 PM, parag vibhute <[EMAIL PROTECTED]> wrote: > Thanks for url. > > I implemented same but whenever I launched my application it asks to change > trust settings. Why is it like that? > > Other thing is my https server requires username & password so now I am > using WebDownload class (which is subclass of NSURLDownload) but it does ask > about username & password & required file(which is at server) gets partially > downloaded. How can I overcome this? > > Thanks again, > Palav > > > On Mon, May 19, 2008 at 8:22 PM, ainxow <[EMAIL PROTECTED]> wrote: > >> >> On May 19, 2008, at 8:35 AM, "parag vibhute" <[EMAIL PROTECTED]> >> wrote: >> >> I am using NSURLDownload class to download a file through https. But I >>> get >>> error "bad server certificate". I know this error occurs when HTTPS >>> server >>> has bad certificate. I want to allow this download even though >>> certificate >>> is bad. So can anybody tell how can I handle this? >>> I searched google but found that there is following private API exists >>> >>> [NSURLRequest setAllowsAnyHTTPSCertificate:YES >>> forHost:[[[error >>> userInfo] objectForKey:@"NSErrorFailingURLKey"] host]]; >>> >>> But since this is private API, I think I can't use it in commercial >>> application. Can I? >>> >> >> Someone else will have to address how advisable it is for a large >> commercial app. But I can attest that the private API works fine in a >> shipping app I wrote for a client. >> >> Indeed, it seems unavoidable when Safari 3.1.1 is installed: it changed >> something which results in many more invalid certificates, even from >> developer.apple.com. Whether it is now correctly catching invalid >> certificates that were previously being missed, or if it's a new bug that is >> incorrectly flagging perfectly valid certificates, I don't know. But if you >> must get around these somehow, the private API is currently the only option >> AFAIK. >> >> Using the Security Framework, you can let the user to see and accept bad >> certificates, is better than silently allowing them programmatically with no >> warning. I posted code for this about a month ago which might be useful: >> >> http://lists.apple.com/archives/cocoa-dev/2008/Apr/msg01413.html >> > > > > -- > > There are many things in your life that will catch your eye but only a few > will catch your heart....pursue those'. > -- There are many things in your life that will catch your eye but only a few will catch your heart....pursue those'. _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [EMAIL PROTECTED]
