I have self signed certificate validation on server. When I try use api https://wikiroutes.info/test/api/ios/getCities in browser on mac, its work only when I accept .p12 certificate. I don't find where I can input password for .p12 in AFNetworking. Also I have file .der, but when I use it, I have error kSecTrustResultRecoverableTrustFailure
on the code SecTrustEvaluate(allowedTrust, &result)
my code
NSString* fileRoot = [[NSBundle mainBundle] pathForResource:@"cert.pem" ofType:@"der"];
NSData *certData = [[NSData alloc] initWithContentsOfFile:fileRoot];
AFSecurityPolicy *securityPolicy = [[AFSecurityPolicy alloc] init];
securityPolicy.SSLPinningMode = AFSSLPinningModeCertificate;
[securityPolicy setAllowInvalidCertificates:YES];
securityPolicy.pinnedCertificates = @[certData];
AFHTTPRequestOperationManager *operationManager = [[AFHTTPRequestOperationManager alloc] initWithBaseURL:[NSURL URLWithString:@"https://wikiroutes.info"]];
operationManager.responseSerializer.acceptableContentTypes = [NSSet setWithObject:@"text/plain"];
operationManager.securityPolicy = securityPolicy;
[operationManager GET:@"test/api/ios/getCities" parameters:nil success:^(AFHTTPRequestOperation *operation, id responseObject) {
NSLog(@"response %@",responseObject);
} failure:^(AFHTTPRequestOperation *operation, NSError *error) {
NSLog(@"error %@",error);
}];
Its my test project. https://www.dropbox.com/s/410w5bau3e3slx9/testApp.zip
its certificate files
https://www.dropbox.com/s/hk9hywri37wxpet/cert.pem.der https://www.dropbox.com/s/2cpfhokh59jo15d/cert.p12 (password - nM123456)
据我所知,AFNetworking会自动搜索扩展名为“ .cer”的DER格式的证书,因此您需要像这样转换PEM证书:
openssl x509 -in cert.pem -outform der -out cert.cer
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.