On 16 Oct 2009, at 00:48, Greg Hoover wrote:
I have the same piece of code making a secure request to a server in a Mac application and in an iPhone app. Both use an NSURLRequest with exactly the same settings, message, body, etc. On the Mac, the request succeeds, returning the data expected. On the iPhone however, the request fails with an "untrusted server certificate" error (NSURLErrorDomain -1202).
My guess is the root certificates are different on the two platforms. Just a guess, but if the server you're connecting to is using a cert signed by a "weird" authority, that might be it.
I suspected that the iPhone implementation somehow doesn't have access to the root certificates, so I checked on the servers SSL cert using openssl. Openssl says: "unable to verify the first certificate". So now I figure that the Mac (10.6.1) implementation just allows the request to proceed when the verification fails (it doesn't return an error of any kind actually). Can anyone shed some light on this?
OpenSSL is a red herring. NSURLRequest doesn't use openssl to verify certificates. In fact, openssl has no root certs installed at all by default on OS X, so it'll fail to verify any certificate at all.
_______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
