[This is a faux follow-up to several year-old post in hopes of supplanting in
Google the widespread information about using the private methods
allowsAnyHTTPSCertificateForHost: and setAllowsAnyCertificate:forHost: and
complete lack of information on the supported mechanism for accomplishing the
same end.]
There is a supported API for ignoring bad certificates! Add something like this
to your NSURLConnection delegate:
- (BOOL)connection:(NSURLConnection *)connection
canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace
*)protectionSpace
{
return [protectionSpace.authenticationMethod
isEqualToString:NSURLAuthenticationMethodServerTrust];
}
- (void)connection:(NSURLConnection *)connection
didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge
*)challenge
{
if ([challenge.protectionSpace.authenticationMethod
isEqualToString:NSURLAuthenticationMethodServerTrust])
if ([trustedHosts containsObject:challenge.protectionSpace.host])
[challenge.sender useCredential:[NSURLCredential
credentialForTrust:challenge.protectionSpace.serverTrust]
forAuthenticationChallenge:challenge];
[challenge.sender
continueWithoutCredentialForAuthenticationChallenge:challenge];
}
Note that connection:didReceiveAuthenticationChallenge: can send its message to
challenge.sender (much) later, after presenting a dialog box to the user if
necessary, etc.
--
Gordon Henriksen
Server Software Engineer
Carbonite Inc.
_______________________________________________
Cocoa-dev mailing list ([email protected])
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com
This email sent to [email protected]
