SSL in stream socket connection

StackOverflow https://stackoverflow.com/questions/15895953

  •  02-04-2022
  •  | 
  •  

Question

I'm working in iOS application. I'm Trying to connect to https server with NSStream connection. With NSURLConnection, this work fine and i can trusted the challenge like this :

-(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {

}

But my problem is the only delegate available in Stream is :

- (void) stream:(NSStream *)stream handleEvent:(NSStreamEvent)eventCode {

}

How to manage this ?

Was it helpful?

Solution

I finally found the solution. Thanks to Wireshark

        [inStream setProperty:(id)kCFBooleanFalse forKey:(NSString *)kCFStreamPropertyShouldCloseNativeSocket];
        [outStream setProperty:(id)kCFBooleanFalse forKey:(NSString *)kCFStreamPropertyShouldCloseNativeSocket];
        NSMutableDictionary *settings = [NSMutableDictionary dictionaryWithCapacity:1];
        [settings setObject:_certificates forKey:(id)kCFStreamSSLCertificates];
        [settings setObject:(NSString *)NSStreamSocketSecurityLevelNegotiatedSSL forKey:(NSString *)kCFStreamSSLLevel];
        [settings setObject:[NSNumber numberWithBool:YES] forKey:(NSString *)kCFStreamSSLAllowsAnyRoot];
        [settings setObject:@"MY HOST" forKey:(NSString *)kCFStreamSSLPeerName];

        CFReadStreamSetProperty((CFReadStreamRef)inStream, kCFStreamPropertySSLSettings, (CFTypeRef)settings);
        CFWriteStreamSetProperty((CFWriteStreamRef)outStream, kCFStreamPropertySSLSettings, (CFTypeRef)settings);

The Most important is to set the certificate without current certificate. You should set the current identity and other certificate in chain. This should be set by iOSX using Identity and normally the Private key will be available for the stream.

Hope this help

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top