• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: How to handle bad certificate error in NSURLDownload?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to handle bad certificate error in NSURLDownload?

  • Subject: Re: How to handle bad certificate error in NSURLDownload?
  • From: ainxow <email@hidden>
  • Date: Mon, 19 May 2008 09:52:07 -0500

On May 19, 2008, at 8:35 AM, "parag vibhute" <email@hidden> wrote:

I am using NSURLDownload class to download a file through https. But I get
error "bad server certificate". I know this error occurs when HTTPS server
has bad certificate. I want to allow this download even though certificate
is bad. So can anybody tell how can I handle this?
I searched google but found that there is following private API exists

[NSURLRequest setAllowsAnyHTTPSCertificate:YES forHost: [[[error
userInfo] objectForKey:@"NSErrorFailingURLKey"] host]];

But since this is private API, I think I can't use it in commercial
application. Can I?

Someone else will have to address how advisable it is for a large commercial app. But I can attest that the private API works fine in a shipping app I wrote for a client.

Indeed, it seems unavoidable when Safari 3.1.1 is installed: it changed something which results in many more invalid certificates, even from developer.apple.com. Whether it is now correctly catching invalid certificates that were previously being missed, or if it's a new bug that is incorrectly flagging perfectly valid certificates, I don't know. But if you must get around these somehow, the private API is currently the only option AFAIK.

Using the Security Framework, you can let the user to see and accept bad certificates, is better than silently allowing them programmatically with no warning. I posted code for this about a month ago which might be useful:

http://lists.apple.com/archives/cocoa-dev/2008/Apr/msg01413.html
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: How to handle bad certificate error in NSURLDownload?

      • From: "parag vibhute" <email@hidden>
      • 



    

  • Prev by Date:
Re: [OT] generating API docs

    • 

  • Next by Date:
Re: Cocoa bindings and reluctance to use NSPopupButon

    • 

  • Previous by thread:
Re: How to handle bad certificate error in NSURLDownload?

    • 

  • Next by thread:
Re: How to handle bad certificate error in NSURLDownload?

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •