Re: How to handle bad certificate error in NSURLDownload?
Re: How to handle bad certificate error in NSURLDownload?
- Subject: Re: How to handle bad certificate error in NSURLDownload?
- From: "parag vibhute" <email@hidden>
- Date: Mon, 19 May 2008 20:49:52 +0530
Thanks for url.
I implemented same but whenever I launched my application it asks to change
trust settings. Why is it like that?
Other thing is my https server requires username & password so now I am
using WebDownload class (which is subclass of NSURLDownload) but it does ask
about username & password & required file(which is at server) gets partially
downloaded. How can I overcome this?
Thanks again,
Palav
On Mon, May 19, 2008 at 8:22 PM, ainxow <email@hidden> wrote:
>
> On May 19, 2008, at 8:35 AM, "parag vibhute" <email@hidden>
> wrote:
>
> I am using NSURLDownload class to download a file through https. But I get
>> error "bad server certificate". I know this error occurs when HTTPS server
>> has bad certificate. I want to allow this download even though certificate
>> is bad. So can anybody tell how can I handle this?
>> I searched google but found that there is following private API exists
>>
>> [NSURLRequest setAllowsAnyHTTPSCertificate:YES forHost:[[[error
>> userInfo] objectForKey:@"NSErrorFailingURLKey"] host]];
>>
>> But since this is private API, I think I can't use it in commercial
>> application. Can I?
>>
>
> Someone else will have to address how advisable it is for a large
> commercial app. But I can attest that the private API works fine in a
> shipping app I wrote for a client.
>
> Indeed, it seems unavoidable when Safari 3.1.1 is installed: it changed
> something which results in many more invalid certificates, even from
> developer.apple.com. Whether it is now correctly catching invalid
> certificates that were previously being missed, or if it's a new bug that is
> incorrectly flagging perfectly valid certificates, I don't know. But if you
> must get around these somehow, the private API is currently the only option
> AFAIK.
>
> Using the Security Framework, you can let the user to see and accept bad
> certificates, is better than silently allowing them programmatically with no
> warning. I posted code for this about a month ago which might be useful:
>
> http://lists.apple.com/archives/cocoa-dev/2008/Apr/msg01413.html
>
--
There are many things in your life that will catch your eye but only a few
will catch your heart....pursue those'.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden