[英]AFNetworking https self signed certificate
我在服务器上进行了自签名证书验证。 当我尝试在Mac上的浏览器中使用api https://wikiroutes.info/test/api/ios/getCities时,仅当我接受.p12证书时,它才能工作。 我在AFNetworking中找不到可以输入.p12密码的位置。 我也有文件.der,但是当我使用它时,我在代码SecTrustEvaluate(allowedTrust, &result)
上出现错误kSecTrustResultRecoverableTrustFailure
我的代码
NSString* fileRoot = [[NSBundle mainBundle] pathForResource:@"cert.pem" ofType:@"der"];
NSData *certData = [[NSData alloc] initWithContentsOfFile:fileRoot];
AFSecurityPolicy *securityPolicy = [[AFSecurityPolicy alloc] init];
securityPolicy.SSLPinningMode = AFSSLPinningModeCertificate;
[securityPolicy setAllowInvalidCertificates:YES];
securityPolicy.pinnedCertificates = @[certData];
AFHTTPRequestOperationManager *operationManager = [[AFHTTPRequestOperationManager alloc] initWithBaseURL:[NSURL URLWithString:@"https://wikiroutes.info"]];
operationManager.responseSerializer.acceptableContentTypes = [NSSet setWithObject:@"text/plain"];
operationManager.securityPolicy = securityPolicy;
[operationManager GET:@"test/api/ios/getCities" parameters:nil success:^(AFHTTPRequestOperation *operation, id responseObject) {
NSLog(@"response %@",responseObject);
} failure:^(AFHTTPRequestOperation *operation, NSError *error) {
NSLog(@"error %@",error);
}];
它是我的测试项目。 https://www.dropbox.com/s/410w5bau3e3slx9/testApp.zip
其证书文件
https://www.dropbox.com/s/hk9hywri37wxpet/cert.pem.der https://www.dropbox.com/s/2cpfhokh59jo15d/cert.p12 (密码-nM123456)
据我所知,AFNetworking会自动搜索扩展名为“ .cer”的DER格式的证书,因此您需要像这样转换PEM证书:
openssl x509 -in cert.pem -outform der -out cert.cer
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.