search

anaisbetts / ModernHttpClient

HttpClient implementations that use platform-native HTTP clients for :rocket:
MIT License
659 stars 261 forks source link

Self signed certificates #240

Closed MichaelRumpler closed 7 years ago

MichaelRumpler commented 7 years ago

If the server certificate is self signed, then my handler for ServicePointManager.ServerCertificateValidationCallback receives an empty certificate. Therefore I cannot check if the response is from the correct server.

For iOS in NSUrlSessionHandler.cs, DataTaskDelegate.DidReceiveChallenge I moved the lines

            if (serverCertChain.Count == 1)
            {
                errors = SslPolicyErrors.RemoteCertificateChainErrors;
                goto sslErrorVerify;
            }

down directly above the sslErrorVerify label and this seems to work. Now root will be set and passed on.

The same code seems to be in OkHttpNetworkHandler.cs, HostnameVerifier.verifyServerCertificate, but I didn't test that yet.

anaisbetts commented 7 years ago

Self-signed certificates are a feature (actually, the only feature) of ModernHttpClient Pro