Error: The certificate for this server is invalid. When access docs.google.com in iPhone/iPod

[GoogleCodeExporter]

Problem: 
Error: The certificate for this server is invalid. You might be connecting to a 
server that is pretending to be “docs.google.com” which could put your 
confidential information at risk.

What steps will reproduce the problem?
1. Open file: "Source/Networking/GDataHTTPFetcher.m"
2. Go to delegate method
-(void)connection:(NSURLConnection *)connection
       didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {

3. Add one delegate methods above or bellow
//-----:Edited By Amit Kalariya At 21,July 2010:-----
- (BOOL)connection: ( NSURLConnection * )connection 
canAuthenticateAgainstProtectionSpace: ( NSURLProtectionSpace * ) 
protectionSpace {
    return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}
//---------------------------------------------------

4. Enjoy ! :)

Original issue reported on code.google.com by amitkvir...@gmail.com on 21 Jul 2010 at 10:48

[GoogleCodeExporter]

Trusting an invalid server certificate this way is a dangerous workaround.

What URL is being fetched when the certificate error occurs?

Original comment by gregrobbins on 21 Jul 2010 at 7:09

[GoogleCodeExporter]

https://www.google.com/accounts/ClientLogin

Then we need to check if URL is "https://www.google.com/accounts/ClientLogin" 
then only NSURLAuthenticationMethodServerTrust

Original comment by amitkvir...@gmail.com on 22 Jul 2010 at 4:59

[GoogleCodeExporter]

https://www.google.com/accounts/ClientLogin has a valid certificate. Explicitly 
trusting an invalid certificate at that address would put your software at 
great risk from a security attack.

While there may be a problem with the certificates on iPhones in general, or 
you may have a proxy that is mishandling the login URL, I suspect it's more 
likely a problem with the certificate on your particular device.

Original comment by gregrobbins on 22 Jul 2010 at 5:26

[GoogleCodeExporter]

Then please guide me best way to use GData API for gDocs on iPhone application.

My gDocs application is working fine on iPad but can't work on iPhone or iPod 
Touch.

It's return me Error: The certificate for this server is invalid. You might be 
connecting to a server that is pretending to be “docs.google.com” which 
could put your confidential information at risk.

Original comment by amitkvir...@gmail.com on 22 Jul 2010 at 5:52

[GoogleCodeExporter]

Have you reproduced this on multiple hardware devices and in the simulator?

Original comment by gregrobbins on 22 Jul 2010 at 8:34

[GoogleCodeExporter]

What version if the iPhone OS are you testing with? Have you tried other 
versions?

Original comment by gregrobbins on 22 Jul 2010 at 8:54

[GoogleCodeExporter]

I have use simulator of iPhone os 4 and it's not working but simulator of iPad 
os 3.2 working fine.... :(

And I have letest SDK so i can't test with other OS... 

Please guide me properly what I need to do

Thanks - Amit

Original comment by amitkvir...@gmail.com on 23 Jul 2010 at 6:46

[GoogleCodeExporter]

Likely a certificate problem on the specific computer, as no other reports of 
issues from users. This isn't a problem we can fix in the library.

Original comment by gregrobbins on 5 Nov 2010 at 1:57

• Changed state: WontFix

[GoogleCodeExporter]

I have the same issue except I'm using youtube and picasa.

the exactly same code will work just fine on my iPhone 4S and the simulator but 
it won't work on iPod touch.

It's not the certificate problem on the specific computer or the device.  I 
believe it's in the gdata code.

I just don't understand why the exactly same code will work fine on one device 
or simulator and just not working on another?

Original comment by torih...@gmail.com on 22 Nov 2011 at 2:11

[GoogleCodeExporter]

There is no certificate/security code in the GData library. It just uses 
Apple's NSURLConnection, as does most software on iOS.

Original comment by g...@coldnose.net on 22 Nov 2011 at 5:44

[GoogleCodeExporter]

yeah.  somehow, on iPod touch, it does not like that https certificate for data 
stuff.

the way to get around is not to use https in gdata.

Any idea how to turn off the https and use http intend in gdata?  some kinda 
switch / flag or something?

Original comment by torih...@gmail.com on 5 Dec 2011 at 2:03

[GoogleCodeExporter]

Google policy is to serve APIs via https to protect user privacy. This will 
have to be fixed on the device.

Original comment by grobb...@google.com on 5 Dec 2011 at 2:16

[GoogleCodeExporter]

Check the clock on the ipod.  I failure of HTTPS is usually related to the 
clock being wrong.

Original comment by thomasvl@google.com on 5 Dec 2011 at 2:24