[英]Alamofire, ssl pinning on subdomain address
I'm current able on my IOS app using Alamofire and SSL pinning to log in to my company website.我目前可以使用 Alamofire 和 SSL 固定在我的 IOS 应用程序上登录我的公司网站。
But I can't log in to a subdomain of my website.但是我无法登录到我网站的子域。 is there any special configuration I'm missing in my code to be able to establish the SSL communication with my subdomain?我的代码中是否缺少任何特殊配置,以便能够与我的子域建立 SSL 通信?
func loadcertificate()->[SecCertificate]{
guard let pathToCert = Bundle.main.path(forResource: "amua", ofType: "cer") else {fatalError("can not find")}
guard let localCertificate = NSData(contentsOfFile: pathToCert) else {fatalError("can not load")}
guard let cert = SecCertificateCreateWithData(nil, localCertificate) else {fatalError("can not read cert")}
return [cert]
}
func connection() {
sessionManager = Session(configuration: URLSessionConfiguration.default)
let evaluator = PinnedCertificatesTrustEvaluator(certificates: loadcertificate(),
acceptSelfSignedCertificates: false,
performDefaultValidation: true,
validateHost: true)
let ServerTrustManager = ServerTrustManager(allHostsMustBeEvaluated: false,
evaluators:
["airmacau.com.mo" : evaluator])
sessionManager = Session(configuration: URLSessionConfiguration.default, delegate: SessionDelegate(), serverTrustManager: ServerTrustManager)
sessionManager?.request("https://icrew.airmacau.com.mo", method: .get, encoding: URLEncoding.default)
.response { response in
if let st = response.data {
let str = String(decoding: st, as: UTF8.self)
do {
print("OK")
let doc: Document = try SwiftSoup.parse(str)
print(doc)
}catch let err {
print("ERRORE .get icrew")
print(err.localizedDescription)
}
}
}
}
}
if I connect to the main website address https://www.airmacau.com.mo all work fine, if I connect to the subdomain https://icrew.airmacau.com.mo the connection fail and I get the error HANDSHAKE_FAILURE
如果我连接到主网站地址https://www.airmacau.com.mo一切正常,如果我连接到子域https://icrew.airmacau.com.mo连接失败,我收到错误HANDSHAKE_FAILURE
class WildcardServerTrustPolicyManager: ServerTrustManager {
override func serverTrustEvaluator(forHost host: String) throws -> ServerTrustEvaluating? {
if let policy = evaluators[host] {
return policy
}
var domainComponents = host.split(separator: ".")
if domainComponents.count > 2 {
domainComponents[0] = "*"
let wildcardHost = domainComponents.joined(separator: ".")
return evaluators[wildcardHost]
}
return nil
}
}
Implementation:执行:
let evaluators: [String: ServerTrustEvaluating] = [
"*.airmacau.com.mo": evaluator
]
let manager = WildcardServerTrustPolicyManager(evaluators: evaluators)
Session Manager Config:会话管理器配置:
sessionManager = Session(configuration: URLSessionConfiguration.default, delegate: SessionDelegate(), serverTrustManager: manager)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.