Re: Explain NSURLAuthenticationMethodServerTrust to me?
Re: Explain NSURLAuthenticationMethodServerTrust to me?
- Subject: Re: Explain NSURLAuthenticationMethodServerTrust to me?
- From: David Riggle <email@hidden>
- Date: Thu, 19 Jul 2012 07:32:09 -0700
These are the best documents I've found on the subject:
http://developer.apple.com/library/mac/#documentation/cocoa/conceptual/URLLoadingSystem/Articles/AuthenticationChallenges.html
http://developer.apple.com/library/ios/#samplecode/AdvancedURLConnections/Introduction/Intro.html
The latter sample code is pretty thorough; unfortunately it's written in a crazy plug-in style that really interferes with the teaching process.
To handle NSURLAuthenticationMethodServerTrust properly you should call SecTrustEvaluate(). If that fails I call [SFCertificateTrustPanel sharedCertificateTrustPanel] to ask the user whether the server should be trusted. If the user says OK, I cache the result in a global. That way the user is only bothered once per launch. The TrustPanel also allows the user to add the server's certificate to the keychain, in which case future calls to SecTrustEvaluate() will succeed.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden