4

I have an app that displays a warning to the user when they attempt to contact a server with a self-signed or otherwise untrusted SSL certificate. If they choose to proceed, we use connection:didReceiveAuthenticationChallenge to continue with the HTTPS request by creating a credential for the server trust. This is the common way that connections are made to untrusted servers on iOS.

What I'm wondering if there's a way to only create this server trust for a particular connection, or if it's possible to rescind the trust at a later time. What we've found is that the server trust lasts for as long as the app is running. We'd like to be able to prompt the user again at a later time to make sure they still want to proceed. Is this possible? Is there a way for the trust to only "last" for one connection, or to find the trust and somehow remove it so that we go through the process again for that same server?

Wammer
  • 81
  • 3

1 Answers1

0

Are you not releasing the connection after the data is received. If you are releasing it it should ask every time. Make sure the cache property for you connection is not enabled

Siby
  • 318
  • 1
  • 10
  • Yes, I'm releasing the connection, and tried setting the cache policy for the request to not cache anything. It still only calls canAuthenticateAgainstProtectionSpace and didReceiveAuthenticationChallenge for the first request against any given server (assuming we allow the request to proceed). – Wammer Dec 20 '12 at 15:03