0

I'm handling the server trust authentication challenge in a custom way (comparing the public key from the server trust with a hashed local version) through the urlSessionDelegate, similarly to how it is done here: How do I accept a self-signed SSL certificate using iOS 7's NSURLSession and its family of delegate methods for development purposes?

As described in the documentation, I need to cancel the challenge if I want to fail the server trust authentication myself. When doing this, my data task will complete with the NSURLErrorCancelled. I have some error handling classes which look at the resulting NSURLError returned by the datatask, and it would be a lot cleaner for me if I got NSURLErrorServerCertificateUntrusted instead.

Is there a way to achieve that? Or will those server errors only be forwarded when the authentication is handled automatically, without the delegate methods?

agirault
  • 2,509
  • 20
  • 24

1 Answers1

1

Would the normal handling of the certificate in question fail with that error?

If so, you could use NSURLSessionAuthChallengePerformDefaultHandling in that case.

If not, I think the only way would involve mucking around with the challenge sender, which is highly discouraged, though it might not be catastrophic if you call that and afterwards call the proper completion handler. There's a good chance you'd get two callbacks, though. I've never attempted this.

My advice would be to file a bug with Apple asking for a proper API to pass an NSError along with cancellation.

dgatwood
  • 10,129
  • 1
  • 28
  • 49