Re: How to handle bad certificate error in NSURLDownload?
Re: How to handle bad certificate error in NSURLDownload?
- Subject: Re: How to handle bad certificate error in NSURLDownload?
- From: "parag vibhute" <email@hidden>
- Date: Mon, 19 May 2008 21:02:08 +0530
Sorry please read last statement as "but it does not ask....."
Thanks,
Palav
On Mon, May 19, 2008 at 8:49 PM, parag vibhute <email@hidden>
wrote:
> Thanks for url.
>
> I implemented same but whenever I launched my application it asks to change
> trust settings. Why is it like that?
>
> Other thing is my https server requires username & password so now I am
> using WebDownload class (which is subclass of NSURLDownload) but it does ask
> about username & password & required file(which is at server) gets partially
> downloaded. How can I overcome this?
>
> Thanks again,
> Palav
>
>
> On Mon, May 19, 2008 at 8:22 PM, ainxow <email@hidden> wrote:
>
>>
>> On May 19, 2008, at 8:35 AM, "parag vibhute" <email@hidden>
>> wrote:
>>
>> I am using NSURLDownload class to download a file through https. But I
>>> get
>>> error "bad server certificate". I know this error occurs when HTTPS
>>> server
>>> has bad certificate. I want to allow this download even though
>>> certificate
>>> is bad. So can anybody tell how can I handle this?
>>> I searched google but found that there is following private API exists
>>>
>>> [NSURLRequest setAllowsAnyHTTPSCertificate:YES
>>> forHost:[[[error
>>> userInfo] objectForKey:@"NSErrorFailingURLKey"] host]];
>>>
>>> But since this is private API, I think I can't use it in commercial
>>> application. Can I?
>>>
>>
>> Someone else will have to address how advisable it is for a large
>> commercial app. But I can attest that the private API works fine in a
>> shipping app I wrote for a client.
>>
>> Indeed, it seems unavoidable when Safari 3.1.1 is installed: it changed
>> something which results in many more invalid certificates, even from
>> developer.apple.com. Whether it is now correctly catching invalid
>> certificates that were previously being missed, or if it's a new bug that is
>> incorrectly flagging perfectly valid certificates, I don't know. But if you
>> must get around these somehow, the private API is currently the only option
>> AFAIK.
>>
>> Using the Security Framework, you can let the user to see and accept bad
>> certificates, is better than silently allowing them programmatically with no
>> warning. I posted code for this about a month ago which might be useful:
>>
>> http://lists.apple.com/archives/cocoa-dev/2008/Apr/msg01413.html
>>
>
>
>
> --
>
> There are many things in your life that will catch your eye but only a few
> will catch your heart....pursue those'.
>
--
There are many things in your life that will catch your eye but only a few
will catch your heart....pursue those'.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden