如何在IOS中检查所有NSURL连接的SSL证书

现在我使用-connection:didReceiveAuthenticationChallenge:函数来检查SSL证书。根据用户的要求，我需要检查所有的请求。但在我的测试演示中，-connection:didReceiveAuthenticationChallenge:delegate函数将在5分钟内只调用一次。5分钟后，它将再次被调用。但是我们的用户可能在5分钟内发送多个请求。有人知道我们必须解决这个问题吗

请求代码

NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:_server_url]];
[urlRequest setCachePolicy:NSURLRequestReloadIgnoringLocalCacheData];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setHTTPBody:[query dataUsingEncoding:NSUTF8StringEncoding]];

urlConnection = [[[NSURLConnection alloc] initWithRequest:urlRequest delegate:self] autorelease] ;
[urlConnection scheduleInRunLoop:[NSRunLoop mainRunLoop]
                      forMode:NSDefaultRunLoopMode];
[urlConnection start];

代表职能：

- (BOOL)connection:(NSURLConnection *)conn canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
    NSLog(@"authenticate method:%@",protectionSpace.authenticationMethod);

    return YES;
}

- (void) connection:(NSURLConnection *)conn didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge 
{
    NSURLAuthenticationChallenge *_challenge=[challenge retain];

    SecTrustRef trustRef = [[_challenge protectionSpace] serverTrust];
    SecTrustEvaluate(trustRef, NULL);

    SecCertificateRef certRef = SecTrustGetCertificateAtIndex(trustRef, 0);

    NSData *certificateData = (NSData *) SecCertificateCopyData(certRef);
    const unsigned char *certificateDataBytes = (const unsigned char *)[certificateData bytes];
    X509 *certificateX509 = d2i_X509(NULL, &certificateDataBytes, [certificateData length]);

    NSString *subject = CertificateGetDomainName(certificateX509);

    NSLog(@"Subject: %@", subject);

    [[_challenge sender] continueWithoutCredentialForAuthenticationChallenge:_challenge];

}

---

没有简单的方法可以刷新TLS缓存：

---

尝试重新思考您的用例，以确定您是否每次都需要验证。

谢谢您的回复，但我们确实需要每次都检查验证。我们需要检查服务器是否为代理服务器。