Ios 当我们尝试使用NSURLConnection与SSL连接以获取不受信任的证书时,是否有方法让用户选择是否信任该站点?
堆栈上也存在类似的溢出 这是我的代码,它将接受不受信任的服务器证书Ios 当我们尝试使用NSURLConnection与SSL连接以获取不受信任的证书时,是否有方法让用户选择是否信任该站点?,ios,nsurlconnection,ssl-certificate,nsurlconnectiondelegate,Ios,Nsurlconnection,Ssl Certificate,Nsurlconnectiondelegate,堆栈上也存在类似的溢出 这是我的代码,它将接受不受信任的服务器证书 - (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)space { //We can always attempt to authenticate... return YES; } - (void)connection:(NSURLConnec
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)space
{
//We can always attempt to authenticate...
return YES;
}
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
if ([[challenge protectionSpace] authenticationMethod] == NSURLAuthenticationMethodServerTrust) {
[[challenge sender] useCredential:[NSURLCredential credentialForTrust:[[challenge protectionSpace] serverTrust]] forAuthenticationChallenge:challenge];
} else {
// Other situation
}
}
UIAlertView *alert = [[UIAlertView alloc] initWithTitle:
[[challenge protectionSpace]host] message:@"Do you trust this site?"
delegate:self cancelButtonTitle:@"No"
otherButtonTitles:@"Yes", @"Just once", nil];
[alert show];
我该怎么做呢?例如,您可以将质询对象保存到属性中,然后像这样实现alertView:ClickedButtonIndex:delegate方法(这用于“信任一次”): 如果希望始终信任,则需要执行一些更复杂的操作来保存和比较服务器证书数据。或者通过保存服务器URL应该被信任的方式来简化它和不安全,这使得你容易受到中间人攻击。
- (void)alertView:(UIAlertView *)alertView clickedButtonAtIndex:(NSInteger)buttonIndex
{
if(buttonIndex == alertView.cancelButtonIndex)
{
[[self.challenge sender] cancelAuthenticationChallenge:self.challenge];
}
else
{
[self.challenge.sender useCredential:[NSURLCredential credentialForTrust:self.challenge.protectionSpace.serverTrust] forAuthenticationChallenge:self.challenge];
self.challenge = nil;
}
}