Ios5 如何验证SSL证书
我想在我的应用程序中验证SSL证书,我正在使用AFNetworking验证证书 对于SSL验证,我使用openssl、libcrypto.a和libssl.a 我的问题是,使用NSURLConnection委托方法完成了验证过程,但使用AFNetworking则不起作用Ios5 如何验证SSL证书,ios5,ssl-certificate,nsurl,afnetworking-2,nsurlconnectiondelegate,Ios5,Ssl Certificate,Nsurl,Afnetworking 2,Nsurlconnectiondelegate,我想在我的应用程序中验证SSL证书,我正在使用AFNetworking验证证书 对于SSL验证,我使用openssl、libcrypto.a和libssl.a 我的问题是,使用NSURLConnection委托方法完成了验证过程,但使用AFNetworking则不起作用 NSURL *url = [NSURL URLWithString:@"https://www.google.com"]; NSURLRequest *req = [NSURLRequest requestWithUR
NSURL *url = [NSURL URLWithString:@"https://www.google.com"];
NSURLRequest *req = [NSURLRequest requestWithURL:url];
AFHTTPRequestOperation *operation = [[AFHTTPRequestOperation alloc] initWithRequest:req];
[operation setCompletionBlockWithSuccess: ^(AFHTTPRequestOperation *operation, id responseObject) {
NSString *stringResponse = [[NSString alloc] initWithData:responseObject
encoding:NSUTF8StringEncoding];
// [self.webView loadHTMLString:stringResponse baseURL:nil];
NSLog(@"Responce-->>%@",stringResponse);
} failure: ^(AFHTTPRequestOperation *operation, NSError *error) {
// [self.webView loadHTMLString:error.localizedDescription baseURL:nil];
NSLog(@"Responce-->>%@",error.localizedDescription);
}];
[operation start];
[operation setWillSendRequestForAuthenticationChallengeBlock:^(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge)
{
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
{
// By now, the OS will already have built a SecTrustRef instance for
// the server certificates; we just need to evaluate it
SecTrustRef serverTrust = challenge.protectionSpace.serverTrust;
SecTrustResultType res;
OSStatus status = SecTrustEvaluate(serverTrust, &res);
bool verified = FALSE;
if (status == errSecSuccess && ((res == kSecTrustResultProceed) || (res == kSecTrustResultUnspecified)))
{
NSLog(@"iOS certificate chain validation for host %@ passed", challenge.protectionSpace.host);
verified = verifyWithOpenSSL(serverTrust);
}
else
{
NSLog(@"iOS certificate chain validation for host %@ failed", challenge.protectionSpace.host);
}
if (verified)
{
// If *both* verifications succeeded, then continue with the connection
NSURLCredential *successCredential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
[challenge.sender useCredential:successCredential
forAuthenticationChallenge:challenge];
}
else
{
[challenge.sender cancelAuthenticationChallenge:challenge];
}
} else {
[challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}
}];
这是一个用于验证的AFNetworking代码,我不知道它是错误的还是正确的
但这个过程完全是与NSURLConnection一起工作的
所以请帮忙。AF2网络让这一切变得非常简单。首先,将SSL证书添加到应用程序包中。证书应具有.cer扩展名。其次,为您的操作设置
securityPolicy
:
operation.securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
默认情况下,AFNetworking将根据与应用程序捆绑的证书验证远程证书,确保域名正确,两者都使用相同的密钥对颁发,并且证书链有效 您使用的是哪个版本的AFNetworking?我使用的是AFNetworking 2.2的最新版本。请参阅下面的答案