Untrusted server certificate error on API call

aral's Avatar


26 Sep, 2009 04:23 PM

Hey guys,

I'm getting the following error when I try to hit https://[email blocked]:[email blocked]:

Error Domain=NSURLErrorDomain Code=-1202 UserInfo=0x501c400 "untrusted server certificate"

Any ideas? Are you guys using an untrusted/self-signed SSL cert or am I messin' up somehow? :)


  1. 1 Posted by aral on 26 Sep, 2009 09:26 PM

    aral's Avatar

    OK, I've worked around the untrusted certificate using a private API (may the iPhone reviewer gods have mercy on my app) but now I'm getting the following error back:

    <H1>Method Not Allowed</H1>
    The request method <code>POST</code> is inappropriate for the URL <code>/avit/categories/15530/discussions</code>.

    (I get that with and without the colon (/:15530/discussions also gives the same error) – not sure if the colon is required or a typo on the docs.

    Anything glaringly wrong with the URL?


  2. 2 Posted by aral on 26 Sep, 2009 10:20 PM

    aral's Avatar

    OK, got it working.

    The error above was resolved by actually adding an Authentication header instead of adding the authentication details to the url string.

    I then started getting missing argument errors. I had simply copied the example in the docs and not paid attention that the Content-Type was JSON so I was sending a variable-encoded string (as per the docs) instead of a JSON string. Sending a JSON string in the POST vars fixed that.

    So, all's good. Not sure if the docs need updating on the JSON string for creating discussions.

  3. 3 Posted by Kyle Neath (Git... on 27 Sep, 2009 08:52 PM

    Kyle Neath (GitHub Staff) 's Avatar

    Hmm, do you have any more details on how you were creating the request? (A sample http://hurl.it/ would do wonders). Our API is pretty flexible in the way it parses headers/variables, so there's lots of combinations of ways you can craft requests.

  4. 4 Posted by aral on 05 Dec, 2009 03:04 PM

    aral's Avatar

    Just wanted to post a quick update: I just tested and it appears that you're no longer using a self-signed cert (which is great news as Apple is now sweeping for private API calls and the alternative is to include a whole darn library just to work around that one private call.)

    So, in short: yay! Thanks for getting a real SSL cert :)

  5. Support Staff 5 Posted by Courtenay on 05 Dec, 2009 07:46 PM

    Courtenay's Avatar

    We didn't change the cert :) it's been the same one the whole time.

  6. 6 Posted by aral on 05 Dec, 2009 08:22 PM

    aral's Avatar

    Hmm, weird! Oh well, it's working now... *feels slight trepidation* :)


  7. Will closed this discussion on 06 Dec, 2009 12:27 AM.

Discussions are closed to public comments.
If you need help with Tender please start a new discussion.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac