Geek Answers Handbook

How can I use AVPlayer with HTTPS and self-signed server certificates?

I have a server that uses self-signed SSL certificates for HTTPS. I have a self-signed root certificate included in my application. I can get an NSURLSession to use and verify a self-signed root certificate using SecTrustSetAnchorCertificates() in the delegate method -URLSession:didReceiveChallenge:completionHandler:

However, when I try to accomplish this using AVPlayer , I get an SSL error message and playback fails. This is my implementation of the AVAssetResourceLoader delegate:

 - (BOOL)resourceLoader:(AVAssetResourceLoader *)resourceLoader shouldWaitForResponseToAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { if ([challenge.protectionSpace.authenticationMethod isEqual:NSURLAuthenticationMethodServerTrust]) { SecTrustRef trust = challenge.protectionSpace.serverTrust; SecTrustSetAnchorCertificates(trust, (__bridge CFArrayRef)self.secTrustCertificates); SecTrustResultType trustResult = kSecTrustResultInvalid; OSStatus status = SecTrustEvaluate(trust, &trustResult); if (status == errSecSuccess && (trustResult == kSecTrustResultUnspecified || trustResult == kSecTrustResultProceed)) { [challenge.sender useCredential:[NSURLCredential credentialForTrust:trust] forAuthenticationChallenge:challenge]; return YES; } else { [challenge.sender cancelAuthenticationChallenge:challenge]; return YES; } } return NO; }

A delegate is called, and trustResult corresponds to kSecTrustResultUnspecified (which means "trusted, without explicit user override"), as expected. However, playback is interrupted shortly after the following AVPlayerItem.error :

Domain Error = NSURLErrorDomain Code = -1200 "An SSL error has occurred and it is not possible to create a secure connection to the server." UserInfo = {NSLocalizedRecoverySuggestion = Would you like to connect to the server anyway ?, NSUnderlyingError = 0x16c35720 {Error Domain = NSOSStatusErrorDomain Code = -1200 "(null)"}, NSLocalizedDescription = An SSL error has occurred, and cannot connect to the server securely.}

How can I get AVPlayer to accept SSL handshake?

+6
source share
1 answer

This implementation worked for me:

 - (BOOL)resourceLoader:(AVAssetResourceLoader *)resourceLoader shouldWaitForResponseToAuthenticationChallenge:(NSURLAuthenticationChallenge *)authenticationChallenge { //server trust NSURLProtectionSpace *protectionSpace = authenticationChallenge.protectionSpace; if ([protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) { [authenticationChallenge.sender useCredential:[NSURLCredential credentialForTrust:authenticationChallenge.protectionSpace.serverTrust] forAuthenticationChallenge:authenticationChallenge]; [authenticationChallenge.sender continueWithoutCredentialForAuthenticationChallenge:authenticationChallenge]; } else { // other type: username password, client trust... } return YES; }

However, he stopped working with iOS 10.0.1 for a reason that I have not yet noticed. So this may or may not help you. Good luck

+2
source

More articles:


All Articles