• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: NSURLRequest SSL Mac vs iPhone
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NSURLRequest SSL Mac vs iPhone

  • Subject: Re: NSURLRequest SSL Mac vs iPhone
  • From: Greg Hoover <email@hidden>
  • Date: Fri, 16 Oct 2009 07:52:45 -0700

On Oct 16, 2009, at 1:13 AM, Andrew Farmer wrote:

On 16 Oct 2009, at 00:48, Greg Hoover wrote:
I have the same piece of code making a secure request to a server in a Mac application and in an iPhone app. Both use an NSURLRequest with exactly the same settings, message, body, etc. On the Mac, the request succeeds, returning the data expected. On the iPhone however, the request fails with an "untrusted server certificate" error (NSURLErrorDomain -1202).

My guess is the root certificates are different on the two platforms. Just a guess, but if the server you're connecting to is using a cert signed by a "weird" authority, that might be it.


It's signed by Verisign. Where does NSURLRequest and its supporting routines find the CA root certs?

I suspected that the iPhone implementation somehow doesn't have access to the root certificates, so I checked on the servers SSL cert using openssl. Openssl says: "unable to verify the first certificate". So now I figure that the Mac (10.6.1) implementation just allows the request to proceed when the verification fails (it doesn't return an error of any kind actually). Can anyone shed some light on this?

OpenSSL is a red herring. NSURLRequest doesn't use openssl to verify certificates. In fact, openssl has no root certs installed at all by default on OS X, so it'll fail to verify any certificate at all.


Well when I run OpenSSL on my own server it checks out fine. I was thinking that my CA root certs were just out of date, but when I run OpenSSL its more like it can't find several certs that should be part of the chain.

_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: NSURLRequest SSL Mac vs iPhone

      • From: Alastair Houghton <email@hidden>
      • 

    • Re: NSURLRequest SSL Mac vs iPhone

      • From: Jens Alfke <email@hidden>
      • 





References: 


 >NSURLRequest SSL Mac vs iPhone (From: Greg Hoover <email@hidden>)


 >Re: NSURLRequest SSL Mac vs iPhone (From: Andrew Farmer <email@hidden>)






    

  • Prev by Date:
NSCollectionView issues

    • 

  • Next by Date:
Re: NSCollectionView issues

    • 

  • Previous by thread:
Re: NSURLRequest SSL Mac vs iPhone

    • 

  • Next by thread:
Re: NSURLRequest SSL Mac vs iPhone

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •