I want to allow invalid SSL certificates with AFNetworking

Question

I want to allow invalid SSL certificates. My main code is below:

myClient = [[MyClient alloc] init];
[myClient getHtml:@\"/path/to/the/distination.html\"];
<         


        

Answer 1

Here's how you can do it using the manager for a POST operation.

 AFHTTPRequestOperationManager *manager = [AFHTTPRequestOperationManager manager]; //initialize
 manager.securityPolicy.allowInvalidCertificates=YES;    //allow unsigned
 manager.responseSerializer=[AFJSONResponseSerializer serializer];   //set up for JSOn  
 [manager POST:@"myweb.com" parameters:parameters success:^(AFHTTPRequestOperation *operation, id responseObject) {
     //success stuff
 }failure:^(AFHTTPRequestOperation *operation, NSError *error) {
     //error stuff
}];

EDIT - swift version:

    var securityPolicy = AFSecurityPolicy()
    securityPolicy.allowInvalidCertificates = true;
    manager.securityPolicy = securityPolicy;
    manager.POST(
        "https://exmaple.com/foobar.php",
        nil,
    ...

Answer 2

You should subclass the AFHttpClient,and override

- (AFHTTPRequestOperation *)HTTPRequestOperationWithRequest:(NSURLRequest *)request 
                                                success:(void (^)(AFHTTPRequestOperation *operation, id responseObject))success
                                                failure:(void (^)(AFHTTPRequestOperation *operation, NSError *error))failure;

This is my code.

- (AFHTTPRequestOperation *)HTTPRequestOperationWithRequest:(NSURLRequest *)urlRequest success:(void (^)(AFHTTPRequestOperation *, id))success failure:(void (^)(AFHTTPRequestOperation *, NSError *))failure
{
    AFHTTPRequestOperation *operation = [super HTTPRequestOperationWithRequest:urlRequest success:success failure:failure];

    [operation setAuthenticationAgainstProtectionSpaceBlock:^BOOL(NSURLConnection *connection, NSURLProtectionSpace *protectionSpace) {
        return YES;
    }];
    [operation setAuthenticationChallengeBlock:^(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge) {
        if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
            [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
        }
    }];
    return operation;
}

you use this httpclient and it can access self-unsigned web successfully.

Answer 3

This is the best method for allowign invalid SSL certificates with AFNetworking.

use add a _AFNETWORKING_ALLOW_INVALID_SSL_CERTIFICATES_ to

project > Build Settings > Preprocessor Macros and add it to Debug entry.

Hope it Helps

Answer 4

Note that if you are installing through CocoaPods, #define-ing this macro in your project will not be enough--the compiler macro must be set when compiling the static library in order for it to take effect.

Answer 5

I am using RestKit so

client.allowsInvalidSSLCertificate = YES;

does not work. The option is not propagated to the operations created by restkit.

I am using cocoapods so any changes in the pch file or the pods project get overriden. The "hack" I have been using is a cocoapod post-install operation that adds the required preprocessor definition. At the end of my pod file I have added:

post_install do |installer_representation|
  installer_representation.project.targets.each do |target|
    if target.name == 'Pods-AFNetworking'
      target.build_configurations.each do |config|
        config.build_settings['GCC_PREPROCESSOR_DEFINITIONS'] ||= ['$(inherited)']
        config.build_settings['GCC_PREPROCESSOR_DEFINITIONS'] << '_AFNETWORKING_ALLOW_INVALID_SSL_CERTIFICATES_=1'
      end
    end
  end
end

Answer 6

You can now use the allowsInvalidSSLCertificate property of the AFHTTPClient. No need to use defines in the latest versions of AFNetworking.

AFHTTPClient* client = [AFHTTPClient clientWithBaseURL:@"url"];
client.allowsInvalidSSLCertificate = YES; //this defaults to no