ASIHTTPRequest Authentication
https://stackoverflow.com/questions/3430104
-
26-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have discovered ASIHTTPRequest a few days ago and I'm now blocked on a thing. I would like to authenticate my self on an https address (https://user:pwd@api.domain.com/0.1/userCom/?apikey=12432 )
I try this code :
NSURL *url = [NSURL URLWithString:@"https://api.domain.com/0.1/userCom/?apikey=12432"];
ASIFormDataRequest *request = [ASIFormDataRequest requestWithURL:url];
[request setDelegate:self];
[request setUsername:@"myUserName"];
[request setPassword:@"myPassword"];
[request startAsynchronous];
And I've implemented the delegate methods
-(void)requestFailed:(ASIHTTPRequest *)request
{
NSError *error = [request error];
NSLog(@"Failed %@ with code %d and with userInfo %@",[error domain],[error code],[error userInfo]);
}
-(void)requestFinished:(ASIHTTPRequest *)request
{
NSLog(@"Finished : %@",[request responseString]);
}
When I launch my application the requestFailed method is directly called and I have this message :
Failed ASIHTTPRequestErrorDomain with code 1 and with userInfo {
NSLocalizedDescription = "A connection failure occurred: SSL problem (possibly a bad/expired/self-signed certificate)";
NSUnderlyingError = "Error Domain=NSOSStatusErrorDomain Code=-9807 \"The operation couldn\U2019t be completed. (OSStatus error -9807.)\" UserInfo=0x680fbf0 {}";Have got an idea to resolve this problem ? Thanks a lot !
Solution
There are two possible approaches:
i) Fix the certificate on your/ the server if possible. (Or there's a small chance you might be using the wrong hostname to connect? Does the same error appear when using safari on the device?)
This is definitely the correct and preferred approach.
or:
ii) Disable certificate checking:
[request setValidatesSecureCertificate:NO];
Disabling certificate checking is, perhaps obviously, not a good permanent solution. Disabling it removes a lot of the security that https provides and leaves your app wide open to Man-in-the-Middle (MITM) attacks for a start. It can be a good temporary solution when debugging or using a test server that doesn't have a proper certificate, but in the long term you should fix the underlying issue so that the server's certificate is valid.
OTHER TIPS
Happens to me too but the cause was a different story - its because my test device's date&time setting is set to a past date.
A certificate is only valid on a specific date range that's why the app fails to validate it with a wrong date setting. I fixed it by setting the correct date&time on the iphone.
