如何生成用于公钥固定(SSL固定)的iOS证书
[英]How to generate iOS certificate for public key pinning(SSL pinning)
问题描述
I'm suppose to use SSL pinning(public key pinning) in my app. 
我想在我的应用程序中使用SSL固定(公共密钥固定)。 I'm new to this. 我是新来的。 Can somebody reply me with brief step of generating public key, csr file and SSL certificate for iOS. 有人可以通过生成iOS的公钥,csr文件和SSL证书的简短步骤答复我。
1 个解决方案
解决方案1
0 2017-02-13 13:43:51
Public key pinning means that you check the public key of a TLS certificate, when trying to initiate secure communications. 公钥固定意味着在尝试启动安全通信时,您检查TLS证书的公钥。 I see two ways you can do this: 我看到两种方法可以做到这一点:
1) Generate a self-signed certificate, using the OpenSSL tool. 1)使用OpenSSL工具生成自签名证书。 Install it on your back-end and enforce TLS. 将其安装在后端并实施TLS。 You have to add this certificate to the trusted list on the iOS device, or it will not work. 您必须将此证书添加到iOS设备上的受信任列表中,否则它将不起作用。
2) Use a real Let's Encrypt free TLS certificate: https://letsencrypt.org/ 2)使用真实的Let's Encrypt免费TLS证书: https : //letsencrypt.org/
To be able to give a correct and exact answer, I need to know if it is for personal or public use and if you have full control over back-end or not. 为了能够给出正确正确的答案,我需要知道它是供个人还是公共使用,以及您是否完全控制后端。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.