Using Invalid SSL Certs with Cocoapods #764

Closed
kcharwood opened this Issue Jan 30, 2013 · 9 comments

Comments

Projects
None yet
2 participants
Contributor

kcharwood commented Jan 30, 2013

So I'm late to the game, but I've finally started migrating some projects to Cocoapods.

I've ran into an issue where I have a project that connects to a dev server with an invalid SSL certificate, and in the past I have been simply setting the preprocessor macro _AFNETWORKING_ALLOW_INVALID_SSL_CERTIFICATES_ in my dev configuration.

However, now with Cocoapods, that isn't being set when the Pod library is being built, so my dev configuration is now busted.

Should this be a problem somehow fixed with Cocoapods, or should we had a property on both the AFURLConnectionOperation and the AFHTTPClient to allow invalid certificates?

Contributor

kcharwood commented Feb 1, 2013

Just for fun, I put together a commit that could show the possible change. 9ba4838

I also added backwards compatibility by automatically setting the property to yes if _AFNETWORKING_ALLOW_INVALID_SSL_CERTIFICATES_ is found.

Note I didn't add anything to the client. If you need to do at that level, override HTTPOperationForRequest:... and set it there for every operation.

Contributor

mattt commented Feb 1, 2013

Thanks for pointing this out, @kcharwood. There is an ongoing discussion in #705 about this, and this will be resolved as soon as the change over to a property is merged into master.

Contributor

kcharwood commented Feb 1, 2013

Any need to submit a pull request for my implementation above, or let #705 handle the whole thing?

Contributor

mattt commented Feb 3, 2013

@kcharwood: #705 should handle it. I'm merging that in now. Thanks again.

@mattt mattt closed this Feb 3, 2013

Contributor

kcharwood commented Mar 24, 2013

Hey @mattt,

I don't think this issue got addressed in 1.2.

We still have the issue where using this feature for a dev server with cocoapods is not graceful. Did it just get overlooked?

Contributor

kcharwood commented Mar 24, 2013

@mattt, actually I just saw your comment in #834, but I don't quite understand the implementation yet. What's the preferred way of allowing an invalid certificate now with those changes?

Congrats on 1.2 btw!

@mattt mattt reopened this Mar 25, 2013

Contributor

mattt commented Mar 25, 2013

Oh geez, I didn't read that carefully enough. Totally conflated invalid and pinning. I'll take a look at adding this for the next release.

Contributor

kcharwood commented Mar 25, 2013

Want me to update this pull request with AFN 1.2?

Contributor

kcharwood commented Mar 25, 2013

Closing this and moving discussion to the pull request in #873

@kcharwood kcharwood closed this Mar 25, 2013

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment