How can I access HTTPS using direct ip without editing /etc/hosts in iOS?

Question

By default, example.com resolve to 123.123.123.123,

But If I want it to be resolved to 100.100.100.100.

For http, I can simply change the url to http://100.100.100.100 with a header "Host: example.com".

But it's not working for HTTPS.（Error: SSL certificate problem: Invalid certificate chain).

My question is not why, and I do not want to skip the certificate validation.

How can I get the same effect in Objective-C like curl's

--resolve option:

--resolve <host:port:address>
          Provide a custom address for a specific host and port pair. Using this, you can make the  curl  requests(s)
          use  a specified address and prevent the otherwise normally resolved address to be used. Consider it a sort
          of /etc/hosts alternative provided on the command line. The port number should be the number used  for  the
          specific  protocol  the  host  will  be  used for. It means you need several entries if you want to provide
          address for the same host but different ports.

In other words, How to make custom DNS query in HTTPS requests in Objective-C?

Answer 1

When you are using https, the address that you use in your request, and the address given to you by the certificate returned by the server, must agree.

If you send a request to https://100.100.100.100 then the server must return a certificate for 100.100.100.100. Even if you connected successfully to https:// www.xyz.com, and www.xyz.com resolved to 100.100.100.100, connecting to https://100.100.100.100 isn't going to work, cannot work, and absolutely must not work, because the server will return a certificate for www.xyz.com and not for 100.100.100.100.