I want to ignore certificate verification, where and how to do it with XMLRPC web service?

iphone xml-rpc simplexmlrpcserver
AKG picture AKG · Oct 12, 2010 · Viewed 16.4k times · Source

I am accessing a web service and getting this error when trying to connect( web service is XMLRPC and I am using wordpress xmlrpc source code for request and handling repsonse):

Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “**.org” which could put your confidential information at risk."

WebService people are saying to ignore certificate verification part, so if someone has idea of how to do that will be of great help for me.

after some suggestion I used the below NSURLConnection delegate, stil same error

 -(BOOL)connection:(NSURLConnection *)connection  canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {  
 return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
 }   

 -(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {  
 if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])  
if ([trustedHosts containsObject:challenge.protectionSpace.host])  
  [challenge.sender useCredential:[NSURLCredential  credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];  
  [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}

Answer

Harjot Singh picture Harjot Singh · Jul 20, 2014

As of now Jay has given the right answer. But these two methods are deprecated now.

- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace // deprecated over iOS 5.0. Not even called in iOS 7.0

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge // deprecated over iOS 5.0. Not even called in iOS 7.0

So instead of that you can use that method:

-(void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
    if ([[challenge protectionSpace] authenticationMethod] == NSURLAuthenticationMethodServerTrust) {
        [[challenge sender] useCredential:[NSURLCredential credentialForTrust:[[challenge protectionSpace] serverTrust]] forAuthenticationChallenge:challenge];
    }
}

I have used this chunk of code to overcome the below listed error:

Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “app.*****.com” which could put your confidential information at risk.

Related questions

Using XML-RPC in iPhone apps

Is it possible to use XML-RPC calls in iPhone application (what approaches are the best)? Are there any constraints with XML-RPC? Thank you, Paul

Read More
How can I develop for iPhone using a Windows development machine?

Is there any way to tinker with the iPhone SDK on a Windows machine? Are there plans for an iPhone SDK version for Windows? The only other way I can think of doing this is to run a Mac VM …

Read More
Apple Mach-O Linker Error when compiling for device

I've just upgraded to xcode 4.0 and I can no longer deploy to iPhone, I get a Apple Mach-O Linker Error, it still works for the simulator though. Ld /Users/yveswheeler/Library/Developer/Xcode/DerivedData/iParcel-fkeqjcjcbbhjwhdssjptkdxzzzxh/Build/Intermediates/iParcel.build/Debug-iphoneos/…

Read More