cmd-line tests fail with SSL certificate error

345 views Asked by At

After encountering a bunch of problems related to coverage flushing (fixed) and test output being consumed (not fixed), I decided to give Cedar and GH-Unit a try as an alternative to XCTest.

Unfortunately this presents a new problem:

  • When launching from the IDE everything goes well.
  • When launching form the cmd-line, I get SSL certificate errors

Error summary:

Error Domain=com.biasedbit.http Code=60 "Peer certificate cannot be authenticated with given CA certificates" 

How can I fix this? (And for extra points) Why would the certificate be known when launching from the IDE, but not from the command line?

1

There are 1 answers

0
Jasper Blues On

From the cmd-line it's necessary to explicitly specify that invalid/self-signed SSL certificates should be allowed. I'm still not sure why this was not necessary when running via the IDE, but that's another question.

Setting Accept Invalid Certificates

  • With core apple APIs this can be a bit tricky. Its seems to be either a private API, or foregoing blocks.
  • This is supported with AFNetworking.

With the network stack I'm using (BBHTTP, which by the way is seriously nice and it seems under-rated) this is as simple as:

[[BBHTTPRequest postToURL:_serviceUrl data:[envelope data] contentType:@"text/xml"] setup:^(BBHTTPRequest* request)
{
    request.allowInvalidSSLCertificates = YES;
} execute:^(BBHTTPResponse* response)
{
    if (_logResponses)
    {
        LogDebug(@"\n\n$$$$$$$$$ Got response: %@", [[NSString alloc] initWithData:[response content] encoding:NSUTF8StringEncoding]);
    }

    //etc .. . . 

} error:^(NSError* error)
{
    //etc .. . . 
}];