AFNetworking允许不通过证书验证访问https(AFNetworking+SSL)
2015-10-28 14:16
645 查看
一 AFNetworking如何允许不通过证书验证访问https?
查了多种资料,试过很多方法,最终在stackoverflow中找到方法。
1 使用AFHTTPRequestOperation
和 AFHTTPRequestOperationManager 分别加上
- (void)setOpration:(AFHTTPRequestOperation *)opration
{
opration.securityPolicy.allowInvalidCertificates = YES;
}
- (void)managerSetOpration:(AFHTTPRequestOperationManager *)opration
{
opration.securityPolicy.allowInvalidCertificates = YES;
}
2 修改AFNetworking中修改源码,在AFSecurityPolicy.m注释掉这几句
- (BOOL)evaluateServerTrust:(SecTrustRef)serverTrust
forDomain:(NSString *)domain
{
// if (domain && self.allowInvalidCertificates && self.validatesDomainName && (self.SSLPinningMode == GMAFSSLPinningModeNone || [self.pinnedCertificates count] == 0)) {
// // https://developer.apple.com/library/mac/documentation/NetworkingInternet/Conceptual/NetworkingTopics/Articles/OverridingSSLChainValidationCorrectly.html // // According to the docs, you should only trust your provided certs for evaluation.
// // Pinned certificates are added to the trust. Without pinned certificates,
// // there is nothing to evaluate against.
// //
// // From Apple Docs:
// // "Do not implicitly trust self-signed certificates as anchors (kSecTrustOptionImplicitAnchors).
// // Instead, add your own (self-signed) CA certificate to the list of trusted anchors."
// NSLog(@"In order to validate a domain name for self signed certificates, you MUST use pinning.");
// return NO;
// }
二 如果要使用自签名证书进行验证,请参照
查了多种资料,试过很多方法,最终在stackoverflow中找到方法。
1 使用AFHTTPRequestOperation
和 AFHTTPRequestOperationManager 分别加上
- (void)setOpration:(AFHTTPRequestOperation *)opration
{
opration.securityPolicy.allowInvalidCertificates = YES;
}
- (void)managerSetOpration:(AFHTTPRequestOperationManager *)opration
{
opration.securityPolicy.allowInvalidCertificates = YES;
}
2 修改AFNetworking中修改源码,在AFSecurityPolicy.m注释掉这几句
- (BOOL)evaluateServerTrust:(SecTrustRef)serverTrust
forDomain:(NSString *)domain
{
// if (domain && self.allowInvalidCertificates && self.validatesDomainName && (self.SSLPinningMode == GMAFSSLPinningModeNone || [self.pinnedCertificates count] == 0)) {
// // https://developer.apple.com/library/mac/documentation/NetworkingInternet/Conceptual/NetworkingTopics/Articles/OverridingSSLChainValidationCorrectly.html // // According to the docs, you should only trust your provided certs for evaluation.
// // Pinned certificates are added to the trust. Without pinned certificates,
// // there is nothing to evaluate against.
// //
// // From Apple Docs:
// // "Do not implicitly trust self-signed certificates as anchors (kSecTrustOptionImplicitAnchors).
// // Instead, add your own (self-signed) CA certificate to the list of trusted anchors."
// NSLog(@"In order to validate a domain name for self signed certificates, you MUST use pinning.");
// return NO;
// }
二 如果要使用自签名证书进行验证,请参照
iOS实用技巧 - AFNetworking2安全的使用自签证书访问HTTPS
相关文章推荐
- 访问Nginx发生SSL connection error的一种情况
- MySQL复制解决方案(Replication Solutions)
- Linux实现https方式访问站点
- HTTPS的七个误解
- Apache SSL服务器配置SSL详解
- 配置apache默认使用ssl的方法
- World Wide Web Publishing 服务尝试删除 IIS 所有的 SSL 配置数据失败的几种方法
- Apache、SSL、MySQL和PHP平滑无缝地安装
- mysql通过ssl的方式生成秘钥具体生成步骤
- Centos 5下配置https服务器的方法
- apache https配置详细步骤讲解
- windows服务器中检测PHP SSL是否开启以及开启SSL的方法
- python简单实现基于SSL的IRC bot实例
- Tomcat ssl报错Connector attribute SSLCertificateFile must be defined when using SSL with APR解决方法
- PHP实现支持SSL连接的SMTP邮件发送类
- php使用curl打开https网站的方法
- win2003 https 网站的图文配置教程
- 在Apache服务器上安装SSL支持的教程