如何将AVPlayer与HTTPS和自签名服务器证书一起使用?
[英]How can I use an AVPlayer with HTTPS and self-signed server certificates?
问题描述
I have a server that uses self-signed SSL certificates for HTTPS. 
我有一台将自签名SSL证书用于HTTPS的服务器。 I have the self-signed root cert bundled into my app. 我将自签名的根证书捆绑到我的应用程序中。 I'm able to get NSURLSession to use and validate the self-signed root cert by using SecTrustSetAnchorCertificates() in the -URLSession:didReceiveChallenge:completionHandler: delegate method. 我可以通过在-URLSession:didReceiveChallenge:completionHandler:委托方法中使用SecTrustSetAnchorCertificates()来使NSURLSession使用和验证自签名根证书。
When I try this with AVPlayer , however, I get an SSL error and playback fails. 但是,当我使用AVPlayer尝试此操作时,出现SSL错误,并且播放失败。 This is my AVAssetResourceLoader delegate implementation: 这是我的AVAssetResourceLoader委托实现:
- (BOOL)resourceLoader:(AVAssetResourceLoader *)resourceLoader shouldWaitForResponseToAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
if ([challenge.protectionSpace.authenticationMethod isEqual:NSURLAuthenticationMethodServerTrust]) {
SecTrustRef trust = challenge.protectionSpace.serverTrust;
SecTrustSetAnchorCertificates(trust, (__bridge CFArrayRef)self.secTrustCertificates);
SecTrustResultType trustResult = kSecTrustResultInvalid;
OSStatus status = SecTrustEvaluate(trust, &trustResult);
if (status == errSecSuccess && (trustResult == kSecTrustResultUnspecified || trustResult == kSecTrustResultProceed)) {
[challenge.sender useCredential:[NSURLCredential credentialForTrust:trust] forAuthenticationChallenge:challenge];
return YES;
} else {
[challenge.sender cancelAuthenticationChallenge:challenge];
return YES;
}
}
return NO;
}
The delegate gets called, and the trustResult equates to kSecTrustResultUnspecified (which means "trusted, without explicit user override"), as expected. 如预期的那样,将调用委托,并且trustResult等于kSecTrustResultUnspecified (这意味着“可信,无显式用户覆盖”)。 However, playback fails shortly after, with the following AVPlayerItem.error : 但是,播放随后不久会失败,并显示以下AVPlayerItem.error :
Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made."
How can I get AVPlayer to accept the SSL handshake? 如何使AVPlayer接受SSL握手?
1 个解决方案
解决方案1
3 2016-09-12 17:00:56
This implementation has worked for me: 此实现对我有用:
- (BOOL)resourceLoader:(AVAssetResourceLoader *)resourceLoader
shouldWaitForResponseToAuthenticationChallenge:(NSURLAuthenticationChallenge *)authenticationChallenge
{
//server trust
NSURLProtectionSpace *protectionSpace = authenticationChallenge.protectionSpace;
if ([protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
[authenticationChallenge.sender useCredential:[NSURLCredential credentialForTrust:authenticationChallenge.protectionSpace.serverTrust] forAuthenticationChallenge:authenticationChallenge];
[authenticationChallenge.sender continueWithoutCredentialForAuthenticationChallenge:authenticationChallenge];
}
else { // other type: username password, client trust...
}
return YES;
}
However, it stopped working as of iOS 10.0.1 for a reason I have yet to discern. 但是,由于我尚未发现的原因,它从iOS 10.0.1开始停止工作 。 So this may or may not be helpful to you. 因此,这可能对您没有帮助。 Good luck! 祝好运!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.