无聊的SSL握手失败和复制身份Cred的错误
[英]Boring SSL Handshake Failure and Error copying Identity Cred
问题描述
I am trying to use Self Signed certificate for my request through Alamofire. 
我正在尝试通过Alamofire使用自签名证书。
let trustPolicy = ServerTrustPolicy.pinCertificates(certificates: [certificate], validateCertificateChain: true, validateHost: true)
let serverTrustPolicies: [String: ServerTrustPolicy] = [ "https:-domain-name": trustPolicy,"domain-name" : .disableEvaluation] let policyManager = ServerTrustPolicyManager(policies: serverTrustPolicies)
But I am getting following error. 但是我得到以下错误。
CredStore - copyIdentPrefs - Error copying Identity cred.
and 和
[BoringSSL] boringssl_context_alert_callback_handler(3724) [C1.1:2][0x139d1bd20] Alert level: fatal, description: handshake failure 2019-01-22 15:34:23.448605+0530 DB[1276:264543] [BoringSSL] boringssl_session_errorlog(224) [C1.1:2][0x139d1bd20] [boringssl_session_handshake_incomplete] SSL_ERROR_SSL(1): operation failed within the library
2019-01-22 15:34:23.448796+0530
DB[1276:264543] [BoringSSL] boringssl_session_handshake_error_print(205) [C1.1:2][0x139d1bd20] 5266093016:error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE:/BuildRoot/Library/Caches/com.apple.xbs/Sources/boringssl/boringssl-109.230.1/ssl/tls_record.cc:586:SSL alert number 40
2019-01-22 15:34:23.448986+0530 DB[1276:264543]
[BoringSSL] boringssl_context_get_error_code(3545) [C1.1:2][0x139d1bd20] SSL_AD_HANDSHAKE_FAILURE
2019-01-22
15:34:23.464957+0530 DB[1276:264543] TIC Read Status [1:0x281599800]: 1:-9824
2019-01-22 15:34:23.467598+0530
DB[1276:264543] Task <43E199F9-B030-4BFD-B9E0-8C9F59B43E72>.<1> HTTP load failed (error code: -9824 [1:-9824])
2019-01-22
15:34:23.468019+0530 DB[1276:264574] Task <43E199F9-B030-4BFD-B9E0-8C9F59B43E72>.<1> finished with error - code: -9824 2019-01-22 15:34:23.470149+0530 DB[1276:264574] Task <43E199F9-B030-4BFD-B9E0-8C9F59B43E72>.<1> load failed with error Error Domain=NSPOSIXErrorDomain Code=-9824 "Unknown error: -9824" UserInfo={_NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <43E199F9-B030-4BFD-B9E0-8C9F59B43E72>.<1>, _kCFStreamErrorDomainKey=1, NSErrorPeerAddressKey={length = 16, capacity = 16, bytes = 0x100201bb03106e120000000000000000}, _kCFStreamErrorCodeKey=-9824, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <43E199F9-B030-4BFD-B9E0-8C9F59B43E72>.<1>" )} [-9824]
Have been trying this from past 1 week. 过去1周以来一直在尝试此操作。 Any help would be appreciated. 任何帮助,将不胜感激。
1 个解决方案
解决方案1
0 2019-01-28 03:52:24
Disabling evaluation in Alamofire doesn't disable the system's base verification of certificates which blocks self-signed certificates by default. 在Alamofire中禁用评估不会禁用证书的系统基本验证,默认情况下会阻止自签名证书。 I suggest you read Apple's ATS documentation , but I'm guessing this will require some combination of NSExceptionAllowsInsecureHTTPLoads for your domain and other settings. 我建议您阅读Apple的ATS文档 ,但我猜想这将需要将NSExceptionAllowsInsecureHTTPLoads用于您的域和其他设置。 You should also make sure not to ship those settings if you can help it. 如果可以帮助,还应确保不要发布这些设置。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.