If you're using UIWebView for connecting to a website which uses https, you rather hope that website has a trusted/validated certificate. Otherwise, it fails obscurely and you need to implement some tricks to get around this limitation. Btw, I am not sure how app store would react to this kind of change as it may cause some security risks.
Anyway, if you still want to go on, follow these steps. If you never heard of "Category" in Objective-C, I would rather suggest to look at the link (Objective-C categories), before implementing anything. Basically, a Category allows you to add additional methods to a class even the one you don't have the source code. For instance, if you want to add toCompare method to NSString class, you need to implement a category for it. Categories are so powerful; you can even use the instance variables (even if they're private) defined in the original source code. The only limitation is you cannot define new variables.
If we return to our original problem; we need to somehow turn off the certificate checking for the websites which has no valid certificate and insist on using https (this is most of the case your testing host). To do this, you need define a category for the NSURLRequest class and override the private allowsAnyHTTPSCertificateForHost method which takes NSString as a parameter and return bool. I would like to warn one more time to not use this method for the app that you're submitting for App Store, as this is a private method and I suspect that Apple will reject your app. But in any case, it is a good way to temporarily turn of certificate checking especially while testing your app towards the website which has not valid certificate yet.
No comments:
Post a Comment