tags:

views:

41

answers:

1
Q: 

Self-signed SSL certificates and stringWithContentsOfURL

I am requesting some data from a server with NSString#stringWithContentsOfURL:. The server is using a self-signed certificate, so stringWithContentsOfURL: simply returns nil and does not give a change to accept the certificate.

This is all expected behaviour. I know how to properly do this with NSURLConnection and it's delegate methods instead, but I am looking for a shorter term fix instead of rewriting this code. (Yay deadlines)

So my question is, is it possible to import the self-signed certificate into the application's keychain, and will that cause stringWithContentsOfURL: to accept the self-signed certificate?

A: 

I beleive that there is an enterprise tool from Apple for installing SSL certs -- it was necessary to get exchange mail working.

You may also be able to mail the .cer file to yourself, open on your iPhone and install it.

There is also the AdvancedURLConnections sample project from Apple

This sample demonstrates various advanced networking techniques with NSURLConnection. Specifically, it demonstrates how to respond to authentication challenges, how to modify the default server trust evaluation (for example, to support a server with a self-signed certificate), and how to provide client identities.

TomH  2010-09-21 11:03:43

related questions

Why is access denied when installing SSL cert on IIS 5?
What does a PHP developer need to know about https / secure socket layer connections?
Am I turning away customers by disabling SSL 2.0 and PCT 1.0 in IIS5?
Coding Dojo with IE and SSL
Enforce SSL in code in an ashx handler
How to connect to PostgreSQL from .NET using TLS with both client and server authentication?
HELP SSL GURUs!!! ... Problems with SSL Connection
What's a clean/simple way to ensure the security of a page?
How to specify accepted certificates for Client Authentication in .NET SslStream
SharePoint stream file for preview
Problem with Oracle Application Server SSL Certificates
Is there a limit with the number of SSL connections?
Testing HTTPS files with MAMP
Cheapest SSL certificates
Limiting traffic to SSL version of page only
How do I support SSL Client Certificate authentication?
Why can't I connect to my CAS server with Perl's AuthCAS?
Is there a way to make Firefox ignore invalid ssl-certificates?
How do I create a self signed SSL certificate to use while testing a web app.
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
HTTPS in IIS 5.1
How do you redirect HTTPS to HTTP?
Debugging: IE6 + SSL + AJAX + post form = 404 error
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
Options for Google Maps over SSL