堆栈内存溢出
  简体   繁体   English

iOS 应用 SSL 握手失败

[英]iOS app SSL handshake failed

 原文  2013-04-02 15:31:26       ios/ ssl/ https

问题描述

I am making an app to login to an aspx website over HTTPS by passing login credentials in a post method.我正在制作一个应用程序,通过在 post 方法中传递登录凭据来通过 HTTPS 登录到 aspx 网站。 When checking the response using Charles Proxy I can see a SSL Handshake failed error from seal.verisign.com, I am then taken back to the login page.使用 Charles Proxy 检查响应时,我可以看到来自 Seal.verisign.com 的 SSL Handshake failed 错误,然后我被带回登录页面。 I am not sure what I need to do to solve this issue.我不确定我需要做什么来解决这个问题。

I am testing this in the iPhone simulator.我正在 iPhone 模拟器中对此进行测试。

I do not have access to the server implementation.我无权访问服务器实现。

Any ideas?有任何想法吗?

Thank you!谢谢!

8 个解决方案

解决方案1
 149  2017-05-08 13:53:59

On iOS >= 10.3, after installing the Charles Proxy certificate (as per @ashish-verma's excellent answer), you also need to enable it through Settings -> General -> About -> Certificate Trust Settings :在 iOS >= 10.3 上,安装 Charles Proxy 证书后(根据@ashish-verma 的优秀回答),您还需要通过Settings -> General -> About -> Certificate Trust Settings启用它:

在 iOS 10.3 及更高版本上启用 SSL 根证书

Full setup here: http://www.devsbedevin.net/debugging-ios-ssl-traffic/完整设置在这里: http : //www.devsbedevin.net/debugging-ios-ssl-traffic/

解决方案2
 18  2017-05-03 23:48:02

If installing the certificate still doesn't help you, then it may be due to SSL Pinning.如果安装证书仍然对您没有帮助,则可能是由于 SSL Pinning。

From charlesproxy.com:来自 charlesproxy.com:

SSL Pinning Note that some apps implement SSL certificate pinning which means they specifically validate the root certificate. SSL 锁定 请注意,某些应用程序实现了 SSL 证书锁定,这意味着它们专门验证根证书。 Because the app is itself verifying the root certificate it will not accept Charles's certificate and will fail the connection.因为应用程序本身正在验证根证书,所以它不会接受 Charles 的证书并且会导致连接失败。 If you have successfully installed the Charles root SSL certificate and can browse SSL websites using SSL Proxying in Safari, but an app fails, then SSL Pinning is probably the issue .如果您已成功安装 Charles 根 SSL 证书,并且可以在 Safari 中使用 SSL 代理浏览 SSL 网站,但应用程序失败,则 SSL Pinning 可能是问题所在

解决方案3
 14  2013-04-22 22:42:21

Perhaps testing on an actual device will give more insight?也许在实际设备上进行测试会提供更多见解?

To do that in Charles:要在查尔斯中做到这一点:

  1. Goto Proxy: Proxy Settings...转到代理:代理设置...
  2. Proxies tab: Enter "8888" in the HTTP Proxy port: field代理选项卡:在 HTTP 代理端口:字段中输入“8888”
  3. SSL Tab: make sure the "Enable SSL Proxying" is on SSL 选项卡:确保“启用 SSL 代理”已打开

On your dev machine:在您的开发机器上:

  1. Goto System Preferences: Network: Wifi: Advanced: TCP/IP Tab: Make note of the IPV4 Address: (ie 10.0.1.101)转到系统偏好设置:网络:Wifi:高级:TCP/IP 选项卡:记下 IPV4 地址:(即 10.0.1.101)

On your iDevice:在您的 iDevice 上:

  1. Goto http://charlesproxy.com/charles.crt from your device and download Charles SSL certificate从您的设备转到http://charlesproxy.com/charles.crt并下载 Charles SSL 证书
  2. Okay the certificate as trusted (be sure to disable or remove it once you're done)好的证书是可信的(完成后一定要禁用或删除它)
  3. Goto the Settings App: Wifi: Select the detailed disclosure button (round blue button with the white arrow) for your network转到设置应用程序: Wifi:为您的网络选择详细的披露按钮(带有白色箭头的圆形蓝色按钮)
  4. Under HTTP Proxy, select "Manual"在 HTTP 代理下,选择“手动”
  5. Enter in the address from step (dev machine 1.) into the Server field, and the port number from step (charles 2.)在服务器字段中输入步骤 (dev machine 1.) 中的地址,以及步骤 (charles 2.) 中的端口号

Finally:最后:

  1. Restart Charles重启查尔斯
  2. Run Safari on your iDevice to test.在您的 iDevice 上运行 Safari 进行测试。 This should prompt Charles to display a dialog box to allow or deny SSL proxying.这应该会提示 Charles 显示一个对话框来允许或拒绝 SSL 代理。 Obviously allow and you should be good to go.显然允许,你应该很高兴。

More Info at Charles's site: http://www.charlesproxy.com/documentation/proxying/ssl-proxying/查尔斯网站上的更多信息: http : //www.charlesproxy.com/documentation/proxying/ssl-proxying/

Also, are you getting a response to the connection:(NSURLConnection*)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge*)challenge method?另外,您是否收到了对连接的响应:(NSURLConnection*)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge*)challenge 方法?

解决方案4
 3  2016-12-27 14:00:53

You need to install SSL certificate to resolve this issue.您需要安装 SSL 证书才能解决此问题。

Follow these steps按着这些次序

  1. Open Safari browser on iOS SimulatoriOS模拟器上打开Safari浏览

  2. Type "www.charlesproxy.com/getssl" in address bar在地址栏中输入“www.charlesproxy.com/getssl”

  3. Install the SSL certificate安装SSL证书
  4. Restart Charles Proxy重启Charles 代理

解决方案5
 1  2013-04-02 15:42:42

It is possible that the server doesn't have a valid certificate for the url you are using.服务器可能没有您使用的 url 的有效证书。 Did you check that?你检查了吗?

If you try the url using a browser, does it give you a warning?如果您使用浏览器尝试 url,它是否会给您警告?

解决方案6
 0  2016-10-29 03:04:19

You have to install SSL certificate on mobile device.您必须在移动设备上安装 SSL 证书。

Search online for how to install SSL certificate for Charles Proxy.在线搜索如何为 Charles Proxy 安装 SSL 证书。

解决方案7
 0  2017-07-13 05:36:09

删除所有旧用户凭据,然后重新安装新的 ssl 证书。

解决方案8
 0  2020-02-26 14:22:05

如果在模拟器上运行,只需重启 Charles Proxy 和模拟器,确保 Charles Proxy 先启动

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 iOS SSL握手失败 - iOS SSL handshake failed 在iOS应用中唯一标识SSL握手 - Uniquely identify SSL Handshake in iOS app Couchbase Lite iOS和带SSL的服务器 - 握手失败:400错误请求 - Couchbase Lite iOS and Server with SSL - Handshake failed: 400 Bad Request iOS和Erlang-SSL握手失败,并带有自签名证书 - iOS and Erlang - SSL Handshake failed with self signed certificates 仅在IOS上SSL握手失败 - SSL handshake fail on IOS only Linphone IOS:SSL握手失败:X509-证书验证失败 - Linphone IOS: SSL handshake failed : X509 - Certificate verification failed SSL握手失败9801-TCP连接-Xcode 7 - SSL Handshake failed 9801 - TCP connection - Xcode 7 iOS:SocketRocket-如何实现SSL握手 - iOS: SocketRocket - How to implement SSL Handshake iOS推送通知(APN)超过GAE,SSL握手失败 - iOS Push Notifications (APNs) over GAE, SSL Handshake Failure iOS到Node.js后端SSL握手失败 - iOS to Node.js Backend SSL handshake failing
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM