If I have installed a .pfx certificate in a mobileconfig, should I do something when the server ask for it, or does the system take care automatically of it?
Thanks
I'm not a big expert on this topic, but:
pfx certificates are supported for mobileconfig, as explained here, but I believe you have to implement a delegate of NSURLConnection in order to have the handshake done, i.e.
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
as already explained on this post.
Then you could take example from this post to find some useful code snippet.
You should declare the NSURLConnection delegates:
connection:didReceiveData,
connection:didReceiveResponse and
connectionDidFinishLoading.
Related
I am trying to validate a servers certificate in an iOS application.
The delegate method I am having an issue with is:
- (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
This method is called when I use a server such as "https://twitter.com".
But, when I point it to my production server (Government CA), this method simply does not get called.
This cert, I guess, can be considered a self-signed cert, because if you do not have the gov certs installed, you get the "This connection is untrusted" message in a browser.
Is there any way to force willSendRequestForAuthenticationChallenge to be called and check the self-signed certificate?
Thanks!
The question has been asked a while ago but I thought I'd give an answer for people to come.
As I understand the authentication challenge is only called once per host every 10 minutes. The result of the challenge is getting cached for performance. The cache expires in 10 minutes. (http://en.wikipedia.org/wiki/Transport_Layer_Security#Resumed_TLS_handshake)
The good insight is given here by jblack who has the reference to Apple forums: How to cancel a persistent connection using NSURLConnection?
When I had a similar question and an issue, the thing that tripped me was that I used the same host for multiple operations in the app, so the challenge has been accepted elsewhere but hasn't expired before my NSURLConnection fired, hence I never got the challenge (had no need).
Try to isolate the host to this one request and then you should get the callback.
Hope it helps.
I know how to implement "https" using NSURLConnection for async requests. It can be achieved using a couple of delegate methods. Now my problem is , I have my entire app working using sync request and it is impossible to change it into async at this point. Could anyone please tell me how to implement SSL Verification for synchronous request in NSURLConnection?
I have never found a way to. NSURLConnection sync request are extremely limited in functionality. I wrote a wrapper around NSURLConnection I call GPHTTPRequest. Should allow you do to sync request with the ability to allow self-signed and works a lot like ASIHTTPRequest, but is based on NSURLConnection instead of being the lower level CFNetwork framework. link is here:
https://github.com/daltoniam/GPHTTPRequest
also quick code example:
GPHTTPRequest* request = [GPHTTPRequest requestWithString:#"https://selfsignedURLYouwanttoaccess"];
request.allowSelfSigned = YES;
[request startSync];
NSLog(#"response: %#",[request responseString]);
also for the sake of options you can check out:
http://allseeing-i.com/ASIHTTPRequest/
https://github.com/afnetworking/afnetworking
but I would recommend GPHTTPRequest just because I wrote it and know how it works. ;) Any questions let me know.
I have designed an application which will download some data from the server, and all is working fine if there is no network issue. However if there is some network fluctuation during download some data will not be downloaded and the app will crash.
Here I need some help from you guys. Is it possible for me to write a separate code to handle such situation and re-download the entire data by deleting the incomplete downloaded data.
Thank you in advance,
Yes. you can do that.
There are two situation
1. Network not available.
- -> To fix this you have to use "Rechability" sample code(Provided by Apple). Before start downloading you have to check for internet availability.
- ->Or if you are not checking for internet rechability then you will got error code(404) in delegate method of NSURL connection:
- (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response
2. Network Fluctuation.
Here I mean in between downloading if network fluctuate. Then it will call below method
- (void)connection:(NSURLConnection *)connection didFailWithError:(NSError *)error
You can handle all the things inside this method
When there is any network fluctuation or similar problem, you should get a HTTP error code if you are using NSURLConnection or any other network APIs. You could use that to delete the incomplete downloaded data and inform controller code so it could decide if to redownload etc.
Aditya is right. Assume that you are using NSURLConnection If your connection breaks you can read the response code using the following delegate method,
- (void)connection:(NSURLConnection*)connection didReceiveResponse:(NSURLResponse*)response {
NSHTTPURLResponse* httpResponse = (NSHTTPURLResponse*)response;
int responseStatusCode = [httpResponse statusCode];
}
and you could proceed with stopping the connection and deleting your unfinished download data.
Updated answer for the comment.
If you are using different connections in different classes you should have this implemented in each of the classes. In my opinion you should have a design like in which a particular class will handle all connection related tasks. (May be it won't suit your requirement). But for your current design you should use this in all your classes.
I'm writing a download manager in Objective-C, and I have it working with resume functionality. I am writing the data to disk as I receive it so that if the download is interrupted for any reason, it should pick up where it left off. Apple says you should expect one or more - (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response events. In this event, they say you should reset any data you have previously received because your download is being redirected and the bytes you have already received is invalid, so I delete the existing file and recreate with 0 bytes. But if I receive this event multiple times, I have to delete data I have previously received in the form of a partial download, defeating the purpose of resume functionality. Is there a solution to this?
The solution I have come up with is: only reset the data on- (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response events I receive after the first. This would fix the majority of cases (I would think). Is this logically sound? Is there a better alternative? How likely is a file download to fire multiple - (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response events?
My recommendation would be to use a library from someone who has already solved this problem, ASIHttpRequest is what I use. It can be found here
Search for 'Resuming' on that page
multipart/x-mixed-replace is used when the server wants to replace what it has already given you with something else. Deleting everything you've downloaded so far is the only sensible option, you can't resume downloading something when the server is telling you to throw it away and use something else instead.
How likely is a file download to fire multiple - (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response events?
Extremely unlikely. It's only ever used in certain types of streaming, not for anything you'd need a download manager for.
This is nice and clean library that, I think, has functionality that you need:
https://github.com/Anviking/DownloadManager
I have implemented the usual Asynchronous connection mode in one of my apps and it works fine. The error handling is also happening properly. I also have implemented the Reachability API by Apple.
I would like to have for example 5 retires to be done when there is a network failure.
Kindly suggest me a good way to implement this.
Implementing the retry option was simple actually.
- (void)connection:(NSURLConnection *)connection didFailWithError:(NSError *)error
Use this method to make sure you identify the error condition while a try is failed. You can reinitiate the request again inside this method with a int flag has the NO_MAX_RETRY(eg.5) set.
- (void)connectionDidFinishLoading:(NSURLConnection *)connection this method when returned the connection is successful and you can reset the retry flag and release the retry routine.