For me it's this: Objective-C on OSX and using invalid SSL Certificates with HTTPS for development.
The reason is simple, there's no official method to call to tell the system to ignore the certificate validity through public APIs. (you'd have thought sub-classing and overriding the method would work too.. but that's no go too).
So the only way around it is to override an undocumented and unpublished class method on NSURLRequest called allowsAnyHTTPSCertificateForHost: so that when it's called to validate the server SSL cert it returns "valid" (YES).
So what does this do? Well it takes the method implementation location for the original SSL Certificate check class method and then switches it for the location of the non-validating check class method I've defined in the class runtime. Class reprogramming on the fly.
So in short if my application uses any HTTPS now then it will call the method I've defined to allow my HTTPS to point to development services instead without needing a valid SSL certificate. Definitely not something todo on live boxes but still very useful.
The reason is simple, there's no official method to call to tell the system to ignore the certificate validity through public APIs. (you'd have thought sub-classing and overriding the method would work too.. but that's no go too).
So the only way around it is to override an undocumented and unpublished class method on NSURLRequest called allowsAnyHTTPSCertificateForHost: so that when it's called to validate the server SSL cert it returns "valid" (YES).
Code:
@implementation NicksClass
// my class method which returns YES.
+ (BOOL)allowsAnyHTTPSCertificateForHost:(NSString *)host {
return YES;
}
- (bool)installInsecureNoCheckValidation {
// setup the SSL certificate validation bypass.
Method methodCertCheck = class_getClassMethod([NSURLRequest class], @selector(allowsAnyHTTPSCertificateForHost:));
Method methodCertNoCheck = class_getClassMethod([NicksClass class], @selector(allowsAnyHTTPSCertificateForHost:));
if( !methodCertCheck ) {
NSLog(@"failed to locate NSURLRequest allowsAnyHTTPSCertificateForHost: implementation");
return NO;
}
if( !methodCertNoCheck ) {
NSLog(@"failed to locate NicksClass allowsAnyHTTPSCertificateForHost: implementation");
return NO;
}
method_exchangeImplementations(methodCertCheck, methodCertNoCheck);
return YES;
}
@end // end of class implementationSo what does this do? Well it takes the method implementation location for the original SSL Certificate check class method and then switches it for the location of the non-validating check class method I've defined in the class runtime. Class reprogramming on the fly.
So in short if my application uses any HTTPS now then it will call the method I've defined to allow my HTTPS to point to development services instead without needing a valid SSL certificate. Definitely not something todo on live boxes but still very useful.
