UPDATE

Nathan advises me that overriding the allowsAnyHTTPSCertificateForHost:... method is likely to cause AppStore to reject the application due to the use of a private API.

So... if you are developing an application for personal use or for your own enterprise, go right ahead. But, if you intend to release your application on the AppStore, you'll need to use a different method. Nathan suggests using CFNetwork or a CFNetwork wrapper like ASIHTTPRequest. It wraps the lower-level CFNetwork APIs and provides a setValidatesSecureCertificate:... method.

Original posting is below:

As many others have in the past, I recently encountered an error trying access a REST service via HTTPS from a server with a self-signed certificate. The connection was reporting an "untrusted server certificate" error (NSURLErrorDomain -1202).

Since my code was attempting to retrieve data from the REST service synchronously, and was not using the delegate approach with NSURLConnection, I needed a simple way to tell the NSURLRequest to accept any server certificate.

Thanks to a response from Nathan de Vries at StackOverflow, the easiest way is to add the following code snippet to your AppDelegate implementation file:

@implementation NSURLRequest(AllowAllCerts)

+ (BOOL) allowsAnyHTTPSCertificateForHost:(NSString *) host {
    return YES;
}

@end

This example will allow certificates from any host. If you want to restrict this behaviour to a specific host or list of hosts, add your own code inside the allowsAnyHTTPSCertificateForHost:... method and return YES or NO depending on the host parameter.