[英]SSL Pinning in swift and authentication challenge
I am trying to implement SSL pinning and I did, using the didReceiveAuthentication Challenge. 我正在尝试实现SSL固定,并且使用didReceiveAuthentication Challenge做到了。 I do have a question, however, is that the description of this function
但是,我确实有一个问题是该功能的说明
https://developer.apple.com/documentation/webkit/wknavigationdelegate/1455638-webview?language=objc https://developer.apple.com/documentation/webkit/wknavigationdelegate/1455638-webview?language=objc
and so are the URLSession Version of it, both mentioned that only when the challenge is received. 以及它的URLSession版本,都提到仅当收到质询时。 My worry is that, would there be website that doesn't ask for client certificate at all?
我担心的是,是否会有网站根本不要求提供客户证书? If that is the case, how am I suppose to do SSL pinning then?
如果是这样,那我应该怎么做SSL固定呢?
Client-side certificate pinning has nothing to do with client certificates. 客户端证书固定与客户端证书无关。
didReceiveAuthenticationChallenge:
is called in response to receiving the server's certificate as well. didReceiveAuthenticationChallenge:
也会响应于接收到服务器的证书而被调用。 In that case it's called with the protectionSpace.authenticationMethod
set to NSURLAuthenticationMethodServerTrust
. 在这种情况下,可以将
protectionSpace.authenticationMethod
设置为NSURLAuthenticationMethodServerTrust
进行NSURLAuthenticationMethodServerTrust
。 If the server requests a client certificate, it'll be called again with ...ClientCertificate
. 如果服务器请求客户端证书,将使用
...ClientCertificate
再次调用它。 If Basic Auth is required, it'll be called again with ...HTTPBasic
and so on. 如果需要基本
...HTTPBasic
验证,将使用...HTTPBasic
等再次调用它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.