1

I want to allow a self-signed certificate with an NSURLConnection, provided that the host is in a trusted list.

I see a lot of folks doing something like this:

- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {
    if ([protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
        if (allowSelfSignedCertForThisHost) {
            NSLog(@"Allowing self signed!");
            return YES;
        }
    }
    return NO;
}

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
    if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
        if ([trustedHosts containsObject:challenge.protectionSpace.host]) {
            [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
        }
    }
    [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}

However, I'm wondering why you would invoke useCredential:forAuthenticationChallenge but also continueWithoutCredentialForAuthenticationChallenge after.

Willam Hill
  • 1,572
  • 1
  • 17
  • 28

1 Answers1

1

Just add that certificate on device with iPhone Configuration Utility or Apple Configurator.

Cy-4AH
  • 4,370
  • 2
  • 15
  • 22