Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Https iOS with self signed certificate

I have a server with a self signed certificate . I want to connect my device with the server with https form . I hear that I must just accept the connexion . But I don t know how . I have a self signed certificate because it is a test server. But I want to access it with https form? When I try to access with https I have an error :

SURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)

Then it is a self signed certificate .

Someone can help me ?

like image 994
Mcr67 Avatar asked Mar 26 '14 14:03

Mcr67


People also ask

How add self-signed certificate to trusted iOS?

If you want to turn on SSL/TLS trust for that certificate, go to Settings > General > About > Certificate Trust Settings. Under "Enable full trust for root certificates," turn on trust for the certificate.

What is iOS self-signed certificate?

Self-signed certificates are an inexpensive option to use SSL communication also in development environments. By default, iOS will block all communication attempts of a Cordova app with a self-signed certificate.


2 Answers

By default, Cocoa refuses all SSL connections when the certificate is invalid.

However, you can force them to accept also invalid certificates. The method depends on which library/framework you are using. For example:

  • For NSURLConnection, check this answer.
  • For ASIHTTPRequest, you need to set the property validatesSecureCertificate to NO.
  • For AFNetworking, you can check the code to use in this page
  • For CFNetwork, the low-level Foundation framework, check this sample code.
  • For SURLConnection, which looks like you're using, you need to follow the same instructions for NSURLConnection. Indeed, SURLConnection is just a subclass of NSURLConnection.

Important note:
The code above, to accept any kind of SSL certificate, even if invalid, is a serious security risk. Basically, it makes the whole SSL useless. As a consequence, you should use that code only during development, if you really need to test with SSL connections.
Please also note that Apple will reject any application submitted to the App Store that accepts invalid SSL certificates.

like image 94
ItalyPaleAle Avatar answered Sep 28 '22 07:09

ItalyPaleAle


Certificate configuration:

You have to install the Self Signed Certificate or CA on the device in order for the device to trust it then only device trusts the SSL connection.

In the case of installing self signed certificate make sure domain name of the URL is same as Common name of certificate.

If there is no domain name then IP address is fine.

Certificate installation:

You can just host it on the web server and try to access it from safari then iOS will prompt for the certificate installation in the iOS Device

Certificate Creation:

Here is the way to create self signed certificate so that you can fill all the details and host in web server.

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 1001 -nodes

(Pay attention while entering the value for Common Name)

like image 45
Durai Amuthan.H Avatar answered Sep 28 '22 08:09

Durai Amuthan.H