Click here to Skip to main content
15,310,056 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hello everyone!! I am an iOS client and trying to connect to the remote server with my self signed certificate. I add it to the keychain and start socket connection. When I try my code with localhost, I see some encrypted messages, but when I try to connect to the remote server I get the error "no cipher suites in common". Could you please help me on that? Thanks in advance..

The code I work on is as follows

"
Objective-C
NSBundle *bundle = [NSBundle bundleForClass:[self class]];
NSData *iosTrustedCertDerData = [NSData dataWithContentsOfFile:[bundle pathForResource:@"keytool_crt"
                                                ofType:@"der"]];
CFDataRef myCertData = (__bridge_retained CFDataRef)iosTrustedCertDerData;


assert(myCertData);

SecCertificateRef myCert;
myCert = SecCertificateCreateWithData(NULL, myCertData);



SecPolicyRef myPolicy = SecPolicyCreateBasicX509();
SecCertificateRef certArray[1] = { myCert };
CFArrayRef myCerts = CFArrayCreate(
                                   NULL, (void *)certArray,
                                   1, NULL);


NSMutableDictionary *SSLOptions = [NSMutableDictionary dictionaryWithCapacity:3];
[SSLOptions setObject:[NSNumber numberWithBool:YES] forKey:(NSString *)kCFStreamSSLAllowsExpiredRoots];
[SSLOptions setObject:[NSNumber numberWithBool:YES] forKey:(NSString *)kCFStreamSSLAllowsExpiredCertificates];
[SSLOptions setObject:[NSNumber numberWithBool:YES] forKey:(NSString *)kCFStreamSSLAllowsAnyRoot];
[SSLOptions setObject:[NSNumber numberWithBool:NO] forKey:(NSString *)kCFStreamSSLValidatesCertificateChain];
[SSLOptions setObject:@"localhost:4444" forKey:(NSString *)kCFStreamSSLPeerName];
[SSLOptions setObject:(NSString *)kCFStreamSocketSecurityLevelNegotiatedSSL forKey:(NSString*)kCFStreamSSLLevel];
[SSLOptions setObject:(NSString *)kCFStreamSocketSecurityLevelNegotiatedSSL forKey:(NSString*)kCFStreamPropertySocketSecurityLevel];
[SSLOptions setObject:(__bridge id)(myCerts) forKey:(NSString *)kCFStreamSSLCertificates];
[SSLOptions setObject:[NSNumber numberWithBool:NO] forKey:(NSString *)kCFStreamSSLIsServer];





SecTrustRef myTrust;
OSStatus status = SecTrustCreateWithCertificates(
                                                 myCerts,
                                                 myPolicy,
                                                 &myTrust);
SecTrustResultType trustResult;
if (status == noErr) {
    status = SecTrustEvaluate(myTrust, &trustResult);  }

    NSLog(@"Status: %d", status);

    if (myPolicy){
    CFRelease(myPolicy);
    }


        CFReadStreamRef readStream;
        CFWriteStreamRef writeStream;
NSLog(@"Trying to connect to server");
        CFStreamCreatePairWithSocketToHost(NULL,
                                           (CFStringRef)@"localhost", //REMOTE SERVER IP ADDRESS ,
                                           4444,
                                           &readStream,
                                           &writeStream);

NSLog(@"Connection established");
        CFReadStreamSetProperty(readStream,
                                kCFStreamPropertySocketSecurityLevel,
                                kCFStreamSocketSecurityLevelTLSv1);
        CFReadStreamOpen(readStream);
        CFWriteStreamOpen(writeStream);


        NSInputStream *inputStream = (__bridge NSInputStream *)readStream;
        NSOutputStream *outputStream = (__bridge NSOutputStream *)writeStream;
       [inputStream setDelegate:self];
        [outputStream setDelegate:self];
        //
        [inputStream scheduleInRunLoop:[NSRunLoop mainRunLoop]
                                       forMode:NSDefaultRunLoopMode];
                [outputStream scheduleInRunLoop:[NSRunLoop mainRunLoop]
                                        forMode:NSDefaultRunLoopMode];
NSLog(@"Open input and output streams");


[inputStream open];
             [outputStream open];



NSLog(@"Input and output streams opened");

}

"
Posted
Updated 10-Aug-15 11:25am
v2

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900