Ios5 如何验证SSL证书_Ios5_Ssl Certificate_Nsurl_Afnetworking 2_Nsurlconnectiondelegate

Ios5 如何验证SSL证书

ios5

Ios5 如何验证SSL证书,ios5,ssl-certificate,nsurl,afnetworking-2,nsurlconnectiondelegate,Ios5,Ssl Certificate,Nsurl,Afnetworking 2,Nsurlconnectiondelegate,我想在我的应用程序中验证SSL证书，我正在使用AFNetworking验证证书对于SSL验证，我使用openssl、libcrypto.a和libssl.a 我的问题是，使用NSURLConnection委托方法完成了验证过程，但使用AFNetworking则不起作用 NSURL *url = [NSURL URLWithString:@"https://www.google.com"]; NSURLRequest *req = [NSURLRequest requestWithUR

我想在我的应用程序中验证SSL证书，我正在使用AFNetworking验证证书

对于SSL验证，我使用openssl、libcrypto.a和libssl.a

我的问题是，使用NSURLConnection委托方法完成了验证过程，但使用AFNetworking则不起作用

 NSURL *url = [NSURL URLWithString:@"https://www.google.com"];
    NSURLRequest *req = [NSURLRequest requestWithURL:url];

AFHTTPRequestOperation *operation = [[AFHTTPRequestOperation alloc] initWithRequest:req];
    [operation setCompletionBlockWithSuccess: ^(AFHTTPRequestOperation *operation, id responseObject) {

        NSString *stringResponse = [[NSString alloc] initWithData:responseObject
                                                         encoding:NSUTF8StringEncoding];
//        [self.webView loadHTMLString:stringResponse baseURL:nil];
        NSLog(@"Responce-->>%@",stringResponse);

    } failure: ^(AFHTTPRequestOperation *operation, NSError *error) {

//        [self.webView loadHTMLString:error.localizedDescription baseURL:nil];
        NSLog(@"Responce-->>%@",error.localizedDescription);

    }];

    [operation start];

    [operation setWillSendRequestForAuthenticationChallengeBlock:^(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge)
     {

         if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
         {
             // By now, the OS will already have built a SecTrustRef instance for
             // the server certificates; we just need to evaluate it
             SecTrustRef serverTrust = challenge.protectionSpace.serverTrust;
             SecTrustResultType res;
             OSStatus status = SecTrustEvaluate(serverTrust, &res);

             bool verified = FALSE;
             if (status == errSecSuccess && ((res == kSecTrustResultProceed) || (res == kSecTrustResultUnspecified)))
             {
                 NSLog(@"iOS certificate chain validation for host %@ passed", challenge.protectionSpace.host);

                 verified = verifyWithOpenSSL(serverTrust);
             }
             else
             {
                 NSLog(@"iOS certificate chain validation for host %@ failed", challenge.protectionSpace.host);
             }

             if (verified)
             {
                 // If *both* verifications succeeded, then continue with the connection
                 NSURLCredential *successCredential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
                 [challenge.sender useCredential:successCredential
                      forAuthenticationChallenge:challenge];
             }
             else
             {

                 [challenge.sender cancelAuthenticationChallenge:challenge];
             }
         } else {

             [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
         }


     }];

这是一个用于验证的AFNetworking代码，我不知道它是错误的还是正确的

但这个过程完全是与NSURLConnection一起工作的

所以请帮忙。

AF2网络让这一切变得非常简单。首先，将SSL证书添加到应用程序包中。证书应具有.cer扩展名。其次，为您的操作设置

securityPolicy

：

operation.securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];

默认情况下，AFNetworking将根据与应用程序捆绑的证书验证远程证书，确保域名正确，两者都使用相同的密钥对颁发，并且证书链有效

您使用的是哪个版本的AFNetworking？我使用的是AFNetworking 2.2的最新版本。请参阅下面的答案