Geek Answers Handbook

Authentication ASIHTTPRequest

I discovered ASIHTTPRequest a few days ago, and now I'm blocked. I would like to authenticate myself at https ( https: // user: pwd@api.domain.com /0.1/userCom/?apikey=12432 )

I am trying this code:

NSURL *url = [NSURL URLWithString:@"https://api.domain.com/0.1/userCom/?apikey=12432"]; ASIFormDataRequest *request = [ASIFormDataRequest requestWithURL:url]; [request setDelegate:self]; [request setUsername:@"myUserName"]; [request setPassword:@"myPassword"]; [request startAsynchronous];

And I implemented delegate methods

 -(void)requestFailed:(ASIHTTPRequest *)request { NSError *error = [request error]; NSLog(@"Failed %@ with code %d and with userInfo %@",[error domain],[error code],[error userInfo]); } -(void)requestFinished:(ASIHTTPRequest *)request { NSLog(@"Finished : %@",[request responseString]); }

When I launch the application, the requestFailed method is directly called, and I have this message:

 Failed ASIHTTPRequestErrorDomain with code 1 and with userInfo { NSLocalizedDescription = "A connection failure occurred: SSL problem (possibly a bad/expired/self-signed certificate)"; NSUnderlyingError = "Error Domain=NSOSStatusErrorDomain Code=-9807 \"The operation couldn\U2019t be completed. (OSStatus error -9807.)\" UserInfo=0x680fbf0 {}";

Do you have an idea to solve this problem? Many thanks!

+4
source share
2 answers

There are two possible approaches:

i) Correct the certificate on your server, if possible. (Or is there a small chance that you can use the wrong hostname to connect? Does the same error appear when using safari on the device?)

This is definitely the right and preferred approach.

or

b) Disable certificate verification:

 [request setValidatesSecureCertificate:NO];

Turning off certificate verification may not be a good permanent solution. Disabling this feature eliminates the significant degree of security provided by https and leaves your application wide open for Man-in-the-Middle (MITM) attacks to begin with. This may be a good workaround when debugging or using a test server that does not have the proper certificate, but in the long run you must fix the underlying problem for the server certificate to be valid.

+7
source

It happens to me too, but the reason was a different story - this is because the date and time setting for the test device is set to the last date.

The certificate is valid only in a certain date range, so the application cannot verify it with the wrong date setting. I fixed it by setting the correct date and time on iphone.

0
source

More articles:


All Articles