iphone: secure restfull server "The certificate for this server is invalid

Asked 10/9, 2012 at 7:55 Answered 27/8, 2014 at 19:9

Solved iphone objective-c ios nsurlconnection nsurlconnectiondelegate

I am trying to consume secure restful service which gives error

Error = Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “xxx.xxx.xxx.xxx” which could put your confidential information at risk."

working on xCode 4.2, where is the mistake or any step missing.

using following code

RegisterUser.f

@interface RegisterUser : UIViewController<UITextFieldDelegate,
UIScrollViewDelegate, NSURLConnectionDelegate>

RegisterUser.m

- (IBAction)SubmitBtnAction:(id)sender {

    NSURL *url = [NSURL URLWithString:@"https://xx.xx.xx.xxx:8223/jaxrs/tunedoorgateway/getCountries"];
    NSURLRequest *urlRequest = [NSURLRequest requestWithURL:url];

    [NSURLConnection sendAsynchronousRequest:urlRequest queue:[[NSOperationQueue alloc] init]
     completionHandler:^(NSURLResponse *response, NSData *data, NSError *error)
     {

         if ([data length] >0 && error == nil)
         {
             NSLog(@"Data = %@", data);
             // DO YOUR WORK HERE

         }
         else if ([data length] == 0 && error == nil)
         {
             NSLog(@"Nothing was downloaded.");
         }
         else if (error != nil){
             NSLog(@"Error = %@", error);
         }

     }];

}


- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {
    NSLog(@"This is canAuthenticateAgainstProtectionSpace");
    return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}


- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
//    if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
//        if ([trustedHosts containsObject:challenge.protectionSpace.host])
            [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];

    [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
    NSLog(@"This is didReceiveAuthenticationChallenge");
  //  [[challenge sender] cancelAuthenticationChallenge:challenge];
}

Devanagari answered 10/9, 2012 at 7:55 Comment(2)

I'd solve this by setting proper date and time for my device. – Binah 8/8, 2013 at 12:37

Solved same issue with just setting devices' date & time to automatic. – Rambert 25/7, 2017 at 9:40

I feel this might be because of DNS, something like your server is not registered.

Try using this for development:

Create an NSURLRequest+NSURLRequestSSLY.h file and add these lines to it

#import <Foundation/Foundation.h>

@interface NSURLRequest (NSURLRequestSSLY)
+(BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host;

@end

Create an NSURLRequest+NSURLRequestSSLY.m file and add these lines to it

#import "NSURLRequest+NSURLRequestSSLY.h"

@implementation NSURLRequest (NSURLRequestSSLY)
+(BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host
{
    return YES;
}

@end

And don't forget to remove it before publishing as your app might get rejected.

Reconstruct answered 10/9, 2012 at 8:8 Comment(4)

gives #import "NSURLRequest+NSURLRequestSSLY.h" file not found error ? – Devanagari 11/9, 2012 at 0:46

Just put #ifdef DEBUG and #endif around it and the problem with releasing to the app store should solve itself ;) – Harbour 7/3, 2014 at 14:59

@VaibhavTekam What if I want to submit app on store for production and want to get rid of this problem? – Ratha 25/9, 2014 at 7:41

@Jayaprakash Dubey ... Get the Server right. The problem shall not exist at all. – Reconstruct 29/9, 2014 at 6:29

The failure is not in your code. You are using a HTTPS server which does not provide a known certificate. If you have setup the server yourself you have to go and buy a singed certificate from one of the big certification authorities which are trusted by iOS and most other operating systems.

For development purposes you can test your REST service by ignoring the non-trusted certificate. Follow this guide for doing that: http://www.cocoanetics.com/2009/11/ignoring-certificate-errors-on-nsurlrequest/

But for production use I recommend you do not use this method since it will bring a security leak to your application. If you do ignore security you can also just use HTTP instead of HTTPS.

Lakesha answered 10/9, 2012 at 8:7 Comment(2)

But this is using private API and Apply could Reject Application due to this, can you help with some public API, like the one I used but having problems to get it solved – Devanagari 11/9, 2012 at 6:43

ASIHttpRequest does have a simple BOOL property which disables the certification validation. Maybe you have a look at the source of the project or just use ASIHttpRequest instead of NSURLRequest. – Lakesha 11/9, 2012 at 10:42

I have tried several way and found out it is related with apple developer centre certificate. Upgrade your provisioning and try it again. I have tried posting data with iPad, iPhone 5 and 5S but iPhone 4. When I have update my provisioning and installing on my iPhone 4, works with now issue.

Calabrese answered 27/8, 2014 at 19:9 Comment(0)

Recommended topics

Hot tags