The certificate for this server is invalid

ios iphone nsurlconnection nsurlconnectiondelegate
pa12 picture pa12 · Jan 18, 2014 · Viewed 46.1k times · Source

I know that if I use following nsurlconnectiondelegate it will be fixed

– connection:willSendRequestForAuthenticationChallenge: – connection:canAuthenticateAgainstProtectionSpace

But I am trying to use

sendAsynchronousRequest:queue:completionHandler:

So you don't get the callback. I looked into apple docs it say following

If authentication is required in order to download the request, the required credentials must be specified as part of the URL. If authentication fails, or credentials are missing, the connection will attempt to continue without credentials.

I could not figure out how to do that. When I looked up all I got is this private call

+(void)setAllowsAnyHTTPSCertificate:(BOOL)inAllow forHost:(NSString *)inHost;

Any idea how to do this?

Following is the error I get

The certificate for this server is invalid. You might be connecting to a server that is pretending to be “example.com=0x8b34da0 {NSErrorFailingURLStringKey=https://example.com/test/, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSErrorFailingURLKey=https://example.com/test/, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “example.com” which could put your confidential information at risk., NSUnderlyingError=0xa26c1c0 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “example.com” which could put your confidential information at risk.", NSURLErrorFailingURLPeerTrustErrorKey=

Answer

Mohd Iftekhar Qurashi picture Mohd Iftekhar Qurashi · Aug 30, 2014

The webserver which you are using is asking for Server Trust Authentication, you need to properly respond with the appropriate action. You need to implement connection:willSendRequestForAuthenticationChallenge: delegate method and use SecTrustRef to authenticate it.

More information can be found here:- https://developer.apple.com/library/ios/technotes/tn2232/_index.html

This was my code to fix error:

- (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
    NSURLProtectionSpace *protectionSpace = [challenge protectionSpace];

    id<NSURLAuthenticationChallengeSender> sender = [challenge sender];

    if ([[protectionSpace authenticationMethod] isEqualToString:NSURLAuthenticationMethodServerTrust])
    {
        SecTrustRef trust = [[challenge protectionSpace] serverTrust];

        NSURLCredential *credential = [[NSURLCredential alloc] initWithTrust:trust];

            [sender useCredential:credential forAuthenticationChallenge:challenge];
    }
    else
    {
        [sender performDefaultHandlingForAuthenticationChallenge:challenge];
    }
}

Related questions

iphone: secure restfull server "The certificate for this server is invalid

I am trying to consume secure restful service which gives error Error = Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “xxx.xxx.xxx.xxx” …

Read More
NSURLConnection and Basic HTTP Authentication in iOS

I need to invoke an initial GET HTTP request with Basic Authentication. This would be the first time the request is sent to the server and I already have the username & password so there's no need for a challenge …

Read More
how to use sendAsynchronousRequest:queue:completionHandler:

Two part question Part one: I am trying to create an ASynchronous request to my database. I am currently doing it Synchronously however I want to learn both ways to better my understanding of whats going on. Currently I have …

Read More