EMTlsConfiguration

Objective-C


@interface EMTlsConfiguration : NSObject

Swift

class EMTlsConfiguration : NSObject

A class representing a TLS configuration.

  • Constructs a EMTlsConfiguration object whose settings are all NO.

    This is the most secure configuration for the communication link.

    Declaration

    Objective-C

    - (instancetype)init;

    Swift

    convenience init!()

    Return Value

    New instance of a EMTlsConfiguration.

  • Constructs a EMTlsConfiguration object whose settings are all NO, with ability to set timeout interval.

    This is the most secure configuration for the communication link.

    Since

    3.0

    Declaration

    Objective-C

    - (instancetype)initWithTimeout:(NSTimeInterval)timeout;

    Swift

    convenience init!(timeout: TimeInterval)

    Parameters

    timeout

    The timeout of the connection in seconds.

    Return Value

    New instance of a EMTlsConfiguration.

  • Constructs a EMTlsConfiguration object whose settings are configured in this constructor.

    Warning

    It is not recommended to override these settings in a production environment. Allowing any of these configurations will reduce the security of the communication link with the server.

    Warning

    The insecure permits could only used in debug build for test purpose. They were not allowed to be used in release mode since 3.0 version.

    Declaration

    Objective-C

    - (instancetype)initWithInsecureConnectionAllowed:
                        (BOOL)insecureConnectionAllowed
                                selfSignedCertAllowed:(BOOL)selfSignedCertAllowed
                              hostnameMismatchAllowed:(BOOL)hostnameMismatchAllowed;

    Swift

    convenience init!(insecureConnectionAllowed: Bool, selfSignedCertAllowed: Bool, hostnameMismatchAllowed: Bool)

    Parameters

    insecureConnectionAllowed

    If YES, then either an unencrypted (http) or an encrypted (https) connection is allowed. If NO, then only encrypted connections are allowed.

    selfSignedCertAllowed

    If YES, then a connection will accept a self signed server certificate. If NO, then a connection whose server certificate is not signed by a certificate authority on the device is rejected.

    hostnameMismatchAllowed

    If YES, then a connection will accept a server certificate whose common name (CN) does not match the URL’s domain. If NO, then a connection whose server certificate’s CN does not match the URL’s domain is rejected. This setting is ignored if self signed certificates are allowed.

    Return Value

    New instance of a EMTlsConfiguration.

  • Constructs a EMTlsConfiguration object whose settings are configured in this constructor.

    Warning

    It is not recommended to override these settings in a production environment. Allowing any of these configurations will reduce the security of the communication link with the server.

    Warning

    The insecure permits could only used in debug build for test purpose. They were not allowed to be used in release mode since 3.0 version.

    Declaration

    Objective-C

    - (instancetype)initWithInsecureConnectionAllowed:
                        (BOOL)insecureConnectionAllowed
                                selfSignedCertAllowed:(BOOL)selfSignedCertAllowed
                              hostnameMismatchAllowed:(BOOL)hostnameMismatchAllowed
                                              timeout:(NSTimeInterval)timeout;

    Swift

    convenience init!(insecureConnectionAllowed: Bool, selfSignedCertAllowed: Bool, hostnameMismatchAllowed: Bool, timeout: TimeInterval)

    Parameters

    insecureConnectionAllowed

    If YES, then either an unencrypted (http) or an encrypted (https) connection is allowed. If NO, then only encrypted connections are allowed.

    selfSignedCertAllowed

    If YES, then a connection will accept a self signed server certificate. If NO, then a connection whose server certificate is not signed by a certificate authority on the device is rejected.

    hostnameMismatchAllowed

    If YES, then a connection will accept a server certificate whose common name (CN) does not match the URL’s domain. If NO, then a connection whose server certificate’s CN does not match the URL’s domain is rejected. This setting is ignored if self signed certificates are allowed.

    timeout

    The timeout of the connection in seconds.

    Return Value

    New instance of a EMTlsConfiguration.

  • Constructs a EMTlsConfiguration object whose settings are configured in this constructor. This API will do the certificate pinning check.

    Warning

    It is not recommended to override these settings in a production environment other than the certificates to pin. Allowing any of these configurations will reduce the security of the communication link with the server.

    Warning

    The insecure permits could only used in debug build for test purpose. They were not allowed to be used in release mode since 3.0 version.

    Warning

    iOS client only allows certificate from the content of file with the following format: X.509 Certificate (DER)

    Warning

    iOS client does not support certificate from the content of file with the following format:
    • X.509 Certificate (PEM)
    • X.509 Certificate with chain (PEM)
    • X.509 Certificate (PKCS#7)
    • X.509 Certificate with chain (PKCS#7).

    Since

    4.5

    Declaration

    Objective-C

    - (instancetype)initWithCertificates:(NSArray *)certificates
               insecureConnectionAllowed:(BOOL)insecureConnectionAllowed
                   selfSignedCertAllowed:(BOOL)selfSignedCertAllowed
                 hostnameMismatchAllowed:(BOOL)hostnameMismatchAllowed
                                 timeout:(NSTimeInterval)timeout;

    Swift

    init!(certificates: [Any]!, insecureConnectionAllowed: Bool, selfSignedCertAllowed: Bool, hostnameMismatchAllowed: Bool, timeout: TimeInterval)

    Parameters

    certificates

    List of certificates data to be checked for pinning.

    insecureConnectionAllowed

    If YES, then either an unencrypted (http) or an encrypted (https) connection is allowed. If NO, then only encrypted connections are allowed.

    selfSignedCertAllowed

    If YES, then a connection will accept a self signed server certificate. If NO, then a connection whose server certificate is not signed by a certificate authority on the device is rejected.

    hostnameMismatchAllowed

    If YES, then a connection will accept a server certificate whose common name (CN) does not match the URL’s domain. If NO, then a connection whose server certificate’s CN does not match the URL’s domain is rejected. This setting is ignored if self signed certificates are allowed.

    timeout

    The timeout of the connection in seconds.

    Return Value

    New instance of a EMTlsConfiguration.

  • Whether or not an insecure connection is allowed.

    Declaration

    Objective-C

    @property (nonatomic, readonly, getter=isInsecureConnectionAllowed) BOOL insecureConnectionAllowed;

    Swift

    var isInsecureConnectionAllowed: Bool { get }

    Return Value

    If YES, then either an unencrypted (http) or an encrypted (https) connection is allowed. If NO, then only encrypted connections are allowed.

  • Whether or not self signed certificate is allowed.

    Declaration

    Objective-C

    @property (nonatomic, readonly, getter=isSelfSignedCertAllowed) BOOL selfSignedCertAllowed;

    Swift

    var isSelfSignedCertAllowed: Bool { get }

    Return Value

    If YES, then a connection will accept a self signed server certificate. If NO, then a connection whose server certificate is not signed by a certificate authority on the device is rejected.

  • Whether or not to allow mismatch between common name (CN) of the server certificates and domain name of the URL.

    Declaration

    Objective-C

    @property (nonatomic, readonly, getter=isHostnameMismatchAllowed) BOOL hostnameMismatchAllowed;

    Swift

    var isHostnameMismatchAllowed: Bool { get }

    Return Value

    If YES, then a connection will accept a server certificate whose common name (CN) does not match the URL’s domain. If NO, then the connection is rejected. This setting is ignored if self signed certificates are allowed.

  • Gets the timeout of the connection.

    Declaration

    Objective-C

    @property (nonatomic, readonly) NSTimeInterval timeout;

    Swift

    var timeout: TimeInterval { get }

    Return Value

    Returns the timeout in seconds.

  • Get the certificates.

    Since

    4.5

    Declaration

    Objective-C

    @property (nonatomic, readonly) NSArray *certificates;

    Swift

    var certificates: [Any]! { get }

    Return Value

    Returns the certificates.