I am currently trying to connect to a server with a self signed certificate. I am using NSURLConnection to connect to the server. How can I make sure that I only trust the right server and cancel all other connections? I am using the following code
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
SecTrustResultType results;
SecTrustRef trust = [[challenge protectionSpace] serverTrust];
SecTrustEvaluate(trust, &results);
if (results == kSecTrustResultProceed || results == kSecTrustResultConfirm) {
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
} else {
[challenge.sender cancelAuthenticationChallenge:challenge];
}
}
Currently SecTrustEvaluate always returns with results equal to kSecTrustResultRecoverableTrustFailure. I have installed a configuration profile with the certificate on the phone using the iphone configuration utility and it is marked as verified but it did not change the results.
Can anyone help me get a trust result of either kSecTrustResultProceed or kSecTrustResultConfirm for a self signed certificate?