ios - SSL certificate FQDN for REST web service at a specific path -


i using ios connect server using certificate cn (commonname) , fqdn (fully qualified domain name) server.myexample.com. server certificate signed own root ca (whose certificate added anchor certs via sectrustsetanchorcertificates , verified via method described here using nsurlauthenticationchallenge).

with ios client, attempting connect rest service located at: server.myexample.com/path1/service1, kept receiving following error:

the certificate server invalid. might connecting server pretending “server.myexample.com” put confidential information @ risk.  error occurred while fetching https://server.myexample.com/path1/service1: error domain=nsurlerrordomain code=-1202 "the certificate server invalid.  might connecting server pretending “server.myexample.com”  put confidential information @ risk."

i additional messages same info specifying errors: nserrorfailingurlstringkey , nsurlerrorfailingurlpeertrusterrorkey.

i found call service server.myexample.com/service1 , removed path1 request url, , server certificate verification worked correctly. why this? under impression server needed 1 certificate, meaning services hosts using same certificate. maybe need separate server certificate per path? not aware paths after server ip address/domain needed have own certificate.

to summarize:

  • ios client app root ca certificate in anchor certs
  • server server1's certificate signed root ca has cn of server.myexample.com , fqdn https://server.myexample.com.
  • server server.myexample.com hosts service1 can accessed web browser via:
    • https://server.myexample.com/service1 (passes ios client's authentication of server)
    • https://server.myexample.com/path1/service1 (fails ios client's authentication of server)
  • ca , server certificates created via openssl

thanks in advance!


Comments

Post a Comment

Popular posts from this blog

c++ - End of file on pipe magic during open -

i have c++ application in starting process(wireshark) following. if (fp == null){ fp = popen(processpath, "r"); //processpath process want start if (!fp){ throw std::invalid_argument("cannot start process"); } fprintf(fp, d_msg);//d_msg input want provide process } else if(fp != null){ fprintf(fp, d_msg); } the problem when execute c++ application, start wireshark error end of file on pipe magic during open what should avoid that? also tried using mkfifo create named pipe , execute it. used this: if (fp == null){ system("mkfifo /tmp/mine.pcap"); fp = popen("wireshark -k -i /tmp/mine.pcap", "r"); if (!fp){ dout << "cannot start wireshark"<<std::endl; throw std::invalid_argument("cannot start wireshark"); } input = fopen("/tmp/mine.pcap", "wb"); fprintf(input , d_msg); fclose(input)...
Read more

basic authentication with http post params android -

i doing basic authentication passing username , password , using basicnamevaluepair sending post params response service. my method: public stringbuilder callservicehttppost(string username, string password, string type) { // create new httpclient , post header httpclient httpclient = new defaulthttpclient(); httppost httppost = new httppost(webservice + type); httpresponse response = null; stringbuilder total = new stringbuilder(); try { url url = new url(webservice + type); /*string base64encodedcredentials = base64.encodetostring((username + ":" + password).getbytes(), base64.url_safe | base64.no_wrap);*/ string base64encodedcredentials = "basic " + base64.encodetostring( (username + ":" + password).getbytes(), base64.no_wrap); httppost.setheader("auth...
Read more

data.table making a copy of table in R -

i doing this: myfun <- function(inputvar_vec){ # inputvar_vec input vector # # result = output vector return(result) } dt[, result := lapply(.sd, myfun), = byvar, .sdcols = inputvar] i getting following warning: warning message: `in `[.data.table`(df1, , `:=`(prop, lapply(.sd, propeventinlastk)), : invalid .internal.selfref detected , fixed taking copy of whole table, := can add new column reference. @ earlier point, data.table has been copied r (or been created manually using structure() or similar). (and more stuff) .... ` my guess because stacking result vectors (after operation), copy being made? can suggest method remove warning? have done using apply functions , thought should extendable here too. my other question is: can pass chunk of rows data frame (subsetted using statement), , call function myfun operate on that? adding example requested # generate data n = 10000 default=na value = 1 df = data.table(id = sample(1:5000, n, replace=true), ...
Read more