SSL Authorization on Snow Leopard (OSX 10.6)
My app send request over https and have a problem in next method:
- (void)connection:(NSURLConnection *)connection
didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge
*)challenge {
if ([[[challenge protectionSpace] authenticationMethod]
isEqualToString: NSURLAuthenticationMethodServerTrust]) {
SecTrustRef serverTrust = [[challenge protectionSpace] serverTrust];
OSStatus trustEvaluate = SecTrustEvaluate(serverTrust, NULL);
NSLog(@"trust evaluate: %d", trustEvaluate);
SecCertificateRef remoteVersionOfServerCertificate =
SecTrustGetCertificateAtIndex(serverTrust, 0);
CFDataRef remoteCertificateData =
SecCertificateCopyData(remoteVersionOfServerCertificate);
BOOL certificatesAreTheSame = NO;
if ([localCertificateData isEqualToData:(__bridge NSData
*)remoteCertificateData]) {
certificatesAreTheSame = YES;
}
if (remoteCertificateData) {
CFRelease(remoteCertificateData);
}
if (certificatesAreTheSame) {
[[challenge sender] useCredential: [NSURLCredential
credentialForTrust: serverTrust] forAuthenticationChallenge:
challenge];
}
else {
[[challenge sender] cancelAuthenticationChallenge: challenge];
}
}
}
The problem is that code is not working properly on 10.6 since
SecTrustGetCertificateAtIndex() is deprecated. It always returns null.
Which approach/method to use instead? If possible please provide an example.
No comments:
Post a Comment