1) From my (admittedly limited) exploration, it looks like CFNetwork
doesn't have any support for presenting a standard UI for asking the
user how to resolve certificate exceptions. (The observed divergence
in behavior between Apple Mail and Safari seems to bear this out.)
Is that correct, or have I missed something?

That's correct; you haven't missed anything.

2) Since kCFStreamPropertySSLSettings is only supported on 10.4 and
later, this tells me that I need to hand-roll my own SSL code using
Secure Transport, because my app needs to run on pre-10.4 systems
(10.3.9, to be exact). This isn't the end of the world, because
I've done it once before, but I'm hoping that I can avoid having
to do it again. Is there a supported way to manage SSL handshake
options for a CFStream on 10.3.x?

There is an older (less complete) API supported on 10.3.x; look in
the headers for kCFStreamPropertySocketSecurityLevel. That will
allow you to turn on SSL, but will not give you the configurability
you can get with kCFStreamPropertySSLSettings.