By default, Cocoa refuses all SSL connections when the certificate is invalid.
However, you can force them to accept also invalid certificates. The method depends on which library/framework you are using. For example:
- For NSURLConnection, check this answer.
- For ASIHTTPRequest, you need to set the property
validatesSecureCertificate
to NO.
- For AFNetworking, you can check the code to use in this page
- For CFNetwork, the low-level Foundation framework, check this sample code.
- For SURLConnection, which looks like you're using, you need to follow the same instructions for NSURLConnection. Indeed, SURLConnection is just a subclass of NSURLConnection.
Important note:
The code above, to accept any kind of SSL certificate, even if invalid, is a serious security risk. Basically, it makes the whole SSL useless. As a consequence, you should use that code only during development, if you really need to test with SSL connections.
Please also note that Apple will reject any application submitted to the App Store that accepts invalid SSL certificates.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…