Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problems with Self-signed server certificate #206

Open
GoogleCodeExporter opened this issue Jul 21, 2015 · 0 comments
Open

Problems with Self-signed server certificate #206

GoogleCodeExporter opened this issue Jul 21, 2015 · 0 comments
Labels
auto-migrated Priority-Medium Type-Defect

Comments

@GoogleCodeExporter
Copy link 

What steps will reproduce the problem?

I have tried to connect with my server in this way:
1.     MYServiceSoap11Binding *bind = [[MYService MYServiceSoap11Binding] 
retain];
2.     MYService_receiveData *request= [[MY_receiveData new] autorelease];
3.     MYSoap11BindingResponse *resp= [bind receiveDataUsingParameters:request 
];

If I connect to server without certificates is ok, but when I try to connect 
with Self-signed server certificate (https), I have followed the 'Advanced 
Options' instructions.  The connection started with the method 
sendHTTPCallUsingBody:(NSString *)outputBody soapAction:(NSString *)soapAction 
forOperation:(MYServiceSoap11BindingOperation *)operation
of the class MYServiceSoap11Binding as follows:

 NSURLConnection *connection = [[NSURLConnection alloc] initWithRequest:request delegate:operation];
  operation.urlConnection = connection;
    [connection start];

How Operation is delegated of the connection, It have to implement 
-(void)connection:(NSURLConnection *)connection 
didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge; 
that say apple where I send the certificate. But it doesn't implement this 
method. I have to implement it using this code.

- (BOOL)authenticateForChallenge:(NSURLAuthenticationChallenge *)challenge
{
    if ([challenge previousFailureCount] > 0) {        
        return NO;
    }

    NSURLCredential *newCredential = nil;
    NSURLProtectionSpace *protectionSpace = [challenge protectionSpace];
    SecurityCenter *securityCenter = [SecurityCenter sharedInstance];

    // server authentication - NSURLAuthenticationMethodServerTrust
    if ([protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
        SecTrustRef trust = [protectionSpace serverTrust];
        NSArray *anchors = [securityCenter serverAnchors];
        SecTrustSetAnchorCertificates(trust, (CFArrayRef)anchors);
        SecTrustSetAnchorCertificatesOnly(trust, YES);


        SecTrustResultType res = kSecTrustResultInvalid;
        OSStatus sanityChesk = SecTrustEvaluate(trust, &res);

        if ((sanityChesk == noErr) 
            && [self validateResult:res]) {

            newCredential = [NSURLCredential credentialForTrust:trust];
            [[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge];

            return YES;
        }

        return NO;
    }

    [NSException raise:@"Authentication method not supported" format:@"%@ not supported.", [protectionSpace authenticationMethod]];
    return NO;
}


I`m working with last version of source code in iOS7.

Original issue reported on code.google.com by [email protected] on 10 Jan 2014 at 2:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auto-migrated Priority-Medium Type-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GoogleCodeExporter