堆棧內存溢出
  簡體   English   中英

證書固定在Swift 3 / Alamofire 4中停止工作了嗎?

[英]Certificate pinning stopped working in swift 3/Alamofire 4?

 原文  2017-07-03 05:33:10       ios/ swift/ ssl-certificate/ alamofire

問題描述

證書固定似乎已停止在Alamofire 4和Swift 3中工作

這是我的代碼 

let pathToCert = Bundle.main.path(forResource: "certificate", ofType: "der")
let localCertificate = NSData(contentsOfFile: pathToCert!)!

 let serverTrustPolicy = ServerTrustPolicy.pinCertificates(
            certificates: [SecCertificateCreateWithData(nil, localCertificate)!],
            validateCertificateChain: true,
            validateHost: true
        )

let myServer = "...". //string in format without https://
let serverTrustPolicies = [
            myServer: serverTrustPolicy
        ]

afManager = SessionManager(
            serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
        )

    afManager.request("https://www.google.co.uk", method: .get).response { response in
                //I get status code 200 here, which should NOT happen
                log.info(response)
            }

證書正確加載,這是證書

控制台內印有證書

我的問題是我似乎從我的域任何其他域收到狀態代碼200

我不應該從其他域收到200

有人告訴我,在swift 3 / alamofire 4中不應以這種方式實現SSL證書固定,這是真的嗎?

另外,證書可能有問題嗎?

PS我也嘗試過這段代碼,但也沒有運氣:((( 

let serverTrustPolicies = [
        "*.mydomain.com": serverTrustPolicy
    ]

1 個解決方案

解決方案1
 0  2017-07-03 05:36:18

let hostname = "YOUR_HOST_NAME"
let endpoint = "YOUR_ENDPOINT"
let cert = "YOUR_CERT" // e.g. for cert.der, this should just be "cert"

// Set up certificates
let pathToCert = Bundle.main.path(forResource: cert, ofType: "der")
let localCertificate = NSData(contentsOfFile: pathToCert!)
let certificates = [SecCertificateCreateWithData(nil, localCertificate!)!]

// Configure the trust policy manager
let serverTrustPolicy = ServerTrustPolicy.pinCertificates(
    certificates: certificates,
    validateCertificateChain: true,
    validateHost: true
)    
let serverTrustPolicies = [hostname: serverTrustPolicy]
let serverTrustPolicyManager = ServerTrustPolicyManager(policies: serverTrustPolicies)

// Configure session manager with trust policy
afManager = SessionManager(
    configuration: URLSessionConfiguration.default,
    serverTrustPolicyManager: serverTrustPolicyManager
)


afManager.request(endpoint, method: .get).responseJSON { response in
    debugPrint("All Response Info: \(response)")
}

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 證書固定在Alamofire中不起作用 Alamofire 證書固定不起作用 "在 Alamofire 中固定證書" Swift 3如何使用SSL Pinning和AlamoFire驗證服務器證書? 使用AlamoFire在Swift中通過證書固定實施的HTTPS請求失敗 Alamofire ServerTrustPolicy證書固定不會阻止Charles Proxy Swift 3 AlamoFire:公鑰固定不起作用 通過Alamofire進行SSL固定不起作用 如何使用 alamofire 管理器在 ios app swift4 中添加 ssl 證書固定? 如何使用Alamofire測試證書固定?
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM