越狱的iOS似乎没有预装可信的授权/证书。例如:
尝试克隆存储库时,git
说SSL certificate problem
:
➜ ~ git clone https://github.com/tylerhall/sosumi.git
Cloning into 'sosumi'...
fatal: unable to access 'https://github.com/tylerhall/sosumi.git/': SSL certificate problem: unable to get local issuer certificate
wget
在检查证书时返回错误:➜ ~ wget https://curl.haxx.se/
--2016-03-27 13:36:14-- https://curl.haxx.se/
Resolving curl.haxx.se... 80.67.6.50, 2a00:1a28:1200:9::2
Connecting to curl.haxx.se|80.67.6.50|:443... connected.
ERROR: cannot verify curl.haxx.se's certificate, issued by '/C=US/O=Let\'s Encrypt/CN=Let\'s Encrypt Authority X1':
Unable to locally verify the issuer's authority.
To connect to curl.haxx.se insecurely, use `--no-check-certificate'.
curl
在检查证书时返回错误:➜ ~ curl https://curl.haxx.se/
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
我试过了:
cd /usr/local/share/ca-certificates
wget http://curl.haxx.se/ca/cacert.pem --no-check-certificate
wget http://repo.thireus.com/Packages_robinbird/update-ca-certificates_1.1-2_iphoneos-arm.deb
dpkg -i update-ca-certificates_1.1-2_iphoneos-arm.deb
update-ca-certificates
没有任何效果。
如何一劳永逸地解决认证问题?
最佳答案
iOS使用自己的证书存储区,就像OSX一样,存储在钥匙串中。它
不是Linux,并且与越狱无关。这就是为什么,例如,Apple为OSX构建了自己的Git版本,该版本可以访问该证书存储,而不会抱怨证书。您必须阅读所需的工具,这些工具将在其中搜索受信任的证书。
关于ios - 在越狱的iOS中修复CA证书?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36250527/