Restrict my iPhone application to use only one server certificate

My application uses ASIHttpRequest for my server communication. I have a requirement that I should block HTTP protocol cos I dont wont to transmit that data over insecure link. So only SSL over HTTPS will be allowed. Also even thought the link is HTTPS I need to ensure that I am calling to the correct certificate. So I need a server certificate validation in my code. Please guide me how to do this.

I researched on this. I found few possible answers. One is to create a client certificate and do the validation. Also there are ways to "Client certificates support" under ASIHttpR开发者_如何学JAVAequest documentation. So how to achieve my requirements above. Also integration of CFNetwork code into ASIHttpRequest will also do.

Regards,

Dilshan

You can get a validated certificate from an certificate authority like StartSSL or Thawte. Then iOS checks if the certificate is trusted by an authority. iOS comes with different trusted authorites.

If the server certificate is not validated by an authority the connection is rejected.

You don't need to do something special in code. Only use a https connection.