SSL CONNECTIONS FROM WITHIN IPHONE APPLICATIONS

SSL CONNECTIONS FROM WITHIN IPHONE APPLICATIONS

SIMULATOR

Download this configuration shell script, unzip and then double-click it on your Mac. This will backup and then add Charles's SSL CA certificate to the keychain for your iPhone and iPad simulator. You don't even have to restart the simulator for it to take effect, usually.

Alternatively, you can change your code so that NSURLConnection accepts any SSL certificate. Please see the question and answer on Stack Overflow:http://stackoverflow.com/questions/933331/how-to-use-nsurlconnection-to-connect-with-ssl-for-an-untrusted-cert

If you're only browsing a single website in Safari you can just accept the certificate in Safari and that will work for a while. If the SSL site is only being used to load resources such as images, then you'll need to visit it directly and accept the certificate before it will work.

DEVICE

iOS 4 and later

On the device, browse to http://charlesproxy.com/charles.crt then install the certificate.

iOS 3

On the device you need to install a Charles Proxy mobile configuration profile. This profile contains the Charles SSL CA certificate so that your device will then trust the SSL certificates that Charles creates, in the same way as the desktop does. In Safari on your device visithttp://charlesproxy.com/iphoneconf which will download the mobile configuration profile and prompt you to install.

========== overflow======

There is a supported API for accomplishing this! Add something like this to your NSURLConnectiondelegate:

- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {
  return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
  if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
    if ([trustedHosts containsObject:challenge.protectionSpace.host])
      [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];

  [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}

Note that connection:didReceiveAuthenticationChallenge: can send its message to challenge.sender (much) later, after presenting a dialog box to the user if necessary, etc.