快速afnetworking SSL固定
[英]swift afnetworking ssl pinning
问题描述
var manager: AFHTTPSessionManager 
var manager:AFHTTPSessionManager
init() {
manager = AFHTTPSessionManager()
manager.requestSerializer = AFJSONRequestSerializer()
manager.responseSerializer = AFJSONResponseSerializer()
let securityPolicy = AFSecurityPolicy(pinningMode: AFSSLPinningMode.Certificate)
let certificatePath = NSBundle.mainBundle().pathForResource("c38acbe05a6328ee", ofType: "crt")!
let certificateData = NSData(contentsOfFile: certificatePath)!
securityPolicy.pinnedCertificates = [certificateData]
securityPolicy.validatesDomainName = false
securityPolicy.allowInvalidCertificates = false
manager.securityPolicy = securityPolicy
}
I've been trying to get this working for some time now. 我一直在尝试使它工作一段时间。 Swift documentation is sparce, but I'm getting better at reading obj-c. Swift文档很少,但是我在阅读obj-c方面越来越好。 The cert is in PEM format, I've tried that and converting to .der format. 该证书采用PEM格式,我已经尝试过并将其转换为.der格式。 Der format blows up in init(), .PEM format blows up in evaluateServerTrust. Der格式在init()中被炸毁,.PEM格式在evaluateServerTrust中被炸毁。 I tried in AFNetworking 2.5.1 and upgraded to 3.0.4 - same issue. 我在AFNetworking 2.5.1中尝试过并升级到3.0.4-同样的问题。 I've tried every combination of true and false for the following. 我已经尝试过将true和false的每种组合用于以下方面。
securityPolicy.validatesDomainName = false securityPolicy.allowInvalidCertificates = false securityPolicy.validatesDomainName =否securityPolicy.allowInvalidCertificates =否
Any insight would be greatly appreciated. 任何见识将不胜感激。 Thank you 谢谢
1 个解决方案
解决方案1
0 2016-02-12 20:34:56
After much research and trial ... I decide to move to Alamofire 3.0 and the solution came. 经过大量研究和试验……我决定迁移到Alamofire 3.0,解决方案问世了。 Note the following: The certificate must be in .der format. 请注意以下几点:证书必须为.der格式。 Mine was in .pem format. 我的是.pem格式。 My certifcate was for the "leaf" ie, the certificate chain was not included. 我的证书用于“叶子”,即不包括证书链。 For iOS 9.0 I had to add the ATS transport for my server. 对于iOS 9.0,我必须为服务器添加ATS传输。
Working example: 工作示例:
var manager: Manager
init() {
let serverTrustPolicies: [String: ServerTrustPolicy] = [
"myserver.com": .PinCertificates(
certificates: ServerTrustPolicy.certificatesInBundle(),
validateCertificateChain: false,
validateHost: true
)
]
manager = Alamofire.Manager(configuration: NSURLSessionConfiguration.defaultSessionConfiguration(),
serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies))
}
let email = defaults.objectForKey("email") as? String
let beacon = defaults.objectForKey("beacon") as? String
let credential = NSURLCredential(user: email!, password: beacon!, persistence: NSURLCredentialPersistence.ForSession)
manager.request(.GET, url, encoding: .JSON)
.authenticate(usingCredential: credential)
.responseJSON { response in
switch response.result {
case .Success(let data):
print(data)
self.delegate?.didReceivePersonResults!(data as! NSDictionary)
case .Failure(let error):
print(error)
self.delegate?.didReceivePersonError!("Server Error")
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.