3
    NSURL *url = [NSURL URLWithString:@"https://myUrlString.com"];
    NSURLRequest *request = [NSURLRequest requestWithURL:url]; 

    NSURLResponse *responseurl;
    NSError *err;
    NSData *data = [NSURLConnection sendSynchronousRequest:request returningResponse:&responseurl error:&err]; 
    NSLog(@"data length:%u", data.length);
    NSLog(@"response:%@ , error:%@", responseurl, err);

And the response i got is :-

data length:0
response:(null) ,

error:Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “myUrlString.com” which could put your confidential information at risk." UserInfo=0x8742d70 {NSErrorFailingURLStringKey=https:https://myUrlString.com,

NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?,

NSErrorFailingURLKey=https://myUrlString.com,

NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “myUrlString.com” which could put your confidential information at risk., NSUnderlyingError=0x8745bf0 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “myUrlString.com” which could put your confidential information at risk.", NSURLErrorFailingURLPeerTrustErrorKey=}

Prasad G
  • 6,702
  • 7
  • 42
  • 65
Zubair
  • 5,833
  • 3
  • 27
  • 49

2 Answers2

2

You are using Https request so you should use ASIHTTPRequest or you may try this code

NSMutableURLRequest *request = [[[NSMutableURLRequest alloc] init] autorelease];

[request setURL:[NSURL URLWithString:@"https:yoururl"]];
[request setHTTPMethod:@"GET"];
[request setValue:postLength forHTTPHeaderField:@"Content-Length"];
[request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];
[request setHTTPBody:getData];
Rob
  • 415,655
  • 72
  • 787
  • 1,044
Mashhadi
  • 3,004
  • 3
  • 46
  • 80
  • Perhaps `ASIHTTPRequest` could solve this (it's longer supported, so that may be moot question), but simply creating and configuring the `NSMutableURLRequest`, as you've outlined here, will certainly not do it. You have to explicitly respond to the `NSURLSession`/`NSURLConfiguration` authentication methods, or you have to call the private method that suppresses this validation. – Rob Mar 26 '14 at 16:58
1

See Technical Note TN2232 for a discussion of what to do to properly resolve HTTPS Server Trust issues, and more importantly, what not to do. The bottom line is that they encourage you to fix the server to resolve the trust issue, rather than working around it.

If you want to temporarily work around it (for example you're just doing some testing with some tool like Charles for which you're temporarily intercepting requests in order to perform diagnostics), you can use the private method to turn off this validation (note, if this code is in app submitted to App Store, they may reject it for using a private API) or you can respond to the NSURLConnection delegate methods.

Again, be very careful about shipping code that bypasses this important warning, but if you have to during the testing of your app, then one of the above methods can be useful.

Community
  • 1
  • 1
Rob
  • 415,655
  • 72
  • 787
  • 1,044