Geek Answers Handbook

Https iOS with a self-signed certificate

I have a server with a self-signed certificate. I want to connect my device to a server with the https form. I heard that I just have to accept the connection. But I do not know how to do this. I have my own certificate because it is a test server. But I want to access it with the https form? When I try to access using https, I have an error:

SURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)

Then this is a self-signed certificate.

Can anybody help me?

+7
ios objective-c certificate ssl-certificate
source share
2 answers

By default, Cocoa fails all SSL connections when the certificate is invalid.

However, you can force them to accept invalid certificates as well. The method depends on which library / structure you are using. For example:

  • For NSURLConnection, check this answer .
  • For ASIHTTPRequest, you need to set the validatesSecureCertificate property to NO.
  • For AFNetworking, you can check the code that will be used in this page.
  • For CFNetwork, a low-level Foundation Foundation, check out this sample code .
  • For SURLConnection, it looks like you are using, you need to follow the same instructions for NSURLConnection. Indeed, SURLConnection is just a subclass of NSURLConnection.

Important Note:
The above code to accept any SSL certificate, even if it is not valid, is a serious security risk. Basically, this makes all SSL useless. As a result, you should only use this code during development if you really need to test SSL connections.
Also note that Apple will reject any application sent to the App Store that accepts invalid SSL certificates.

+18
source

Certificate Configuration:

You must install a self-signed certificate or CA on the device so that the device can trust it, only the device trusts the SSL connection.

If you install a self-signed certificate, make sure that the domain name of the URL matches the common name of the certificate.

If the domain name is missing, then the IP address is perfect.

Certificate Installation:

You can simply place it on a web server and try to access it from safari, after which iOS will offer to install a certificate on your iOS device

Certificate Creation

Here is a way to create a self-signed certificate so that you can fill out all the details and the host on the web server.

 openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 1001 -nodes

(Note when entering a value for the common name)

+2
source

More articles:


All Articles