[英]Certificate pinning stopped working in swift 3/Alamofire 4?
Certificate pinning seems to have stopped working in Alamofire 4 and Swift 3 证书固定似乎已停止在Alamofire 4和Swift 3中工作
This is my code 这是我的代码
let pathToCert = Bundle.main.path(forResource: "certificate", ofType: "der")
let localCertificate = NSData(contentsOfFile: pathToCert!)!
let serverTrustPolicy = ServerTrustPolicy.pinCertificates(
certificates: [SecCertificateCreateWithData(nil, localCertificate)!],
validateCertificateChain: true,
validateHost: true
)
let myServer = "...". //string in format without https://
let serverTrustPolicies = [
myServer: serverTrustPolicy
]
afManager = SessionManager(
serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
)
afManager.request("https://www.google.co.uk", method: .get).response { response in
//I get status code 200 here, which should NOT happen
log.info(response)
}
The certificate loads correctly, this is the certificate 证书正确加载,这是证书
certificate printed inside console 控制台内印有证书
My problem is that I seem to receive status code 200 from my domain and any other domain . 我的问题是我似乎从我的域和任何其他域收到状态代码200 。
I should not be receiving 200 from other domains 我不应该从其他域收到200
I was told that SSL certificate pinning should not be implemented this way in swift 3 / alamofire 4, could this be true? 有人告诉我,在swift 3 / alamofire 4中不应以这种方式实现SSL证书固定,这是真的吗?
Also, could something be wrong with the certificate? 另外,证书可能有问题吗?
PS I tried this code too, but no luck either :((( PS我也尝试过这段代码,但也没有运气:(((
let serverTrustPolicies = [
"*.mydomain.com": serverTrustPolicy
]
let hostname = "YOUR_HOST_NAME"
let endpoint = "YOUR_ENDPOINT"
let cert = "YOUR_CERT" // e.g. for cert.der, this should just be "cert"
// Set up certificates
let pathToCert = Bundle.main.path(forResource: cert, ofType: "der")
let localCertificate = NSData(contentsOfFile: pathToCert!)
let certificates = [SecCertificateCreateWithData(nil, localCertificate!)!]
// Configure the trust policy manager
let serverTrustPolicy = ServerTrustPolicy.pinCertificates(
certificates: certificates,
validateCertificateChain: true,
validateHost: true
)
let serverTrustPolicies = [hostname: serverTrustPolicy]
let serverTrustPolicyManager = ServerTrustPolicyManager(policies: serverTrustPolicies)
// Configure session manager with trust policy
afManager = SessionManager(
configuration: URLSessionConfiguration.default,
serverTrustPolicyManager: serverTrustPolicyManager
)
afManager.request(endpoint, method: .get).responseJSON { response in
debugPrint("All Response Info: \(response)")
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.