我想在iOS模拟器上访问公司内部的https页面。 该页面可以通过 safari 访问。 但WKWebView无法访问。 程序报如下错误。
An SSL error has occurred and a secure connection to the server cannot be made.
TLS 版本为 TLSv1.2。
如果我设置 NSAllowsArbitraryLoads,我就可以访问。 但我认为这种方式不好。
我的代码如下。
//
// ViewController.swift
// TestClient
//
// Created by 平塚 俊輔 on 2015/12/07.
// Copyright © 2015年 平塚 俊輔. All rights reserved.
//
//1.WebKit Frameworkをimportする
import WebKit
class ViewController: UIViewController, WKNavigationDelegate {
//2.WKWebviewの宣言!
var _webkitview: WKWebView?
override func viewDidLoad() {
super.viewDidLoad()
// Do any additional setup after loading the view, typically from a nib.
//3.WebKitのインスタンス作成!
self._webkitview = WKWebView()
//4.ここでWebKitをviewに紐付け
self.view = self._webkitview!
self._webkitview!.navigationDelegate = self
//5.URL作って、表示させる!
var url = NSURL(string:"https:/******")
var req = NSURLRequest(URL:url!)
self._webkitview!.loadRequest(req)
}
// MARK: WKNavigationDelegate
func webView(webView: WKWebView, didStartProvisionalNavigation navigation: WKNavigation!) {
NSLog("Start")
}
func webView(webView: WKWebView!, didFailNavigation navigation: WKNavigation!, withError error: NSError!) {
NSLog("Failed Navigation %@", error.localizedDescription)
}
func webView(webView: WKWebView!, didFinishNavigation navigation: WKNavigation!) {
// Finish navigation
NSLog("Finish Navigation")
NSLog("Title:%@ URL:%@", webView.title!, webView.URL!)
// Run Javascript(For local)
// webView.evaluateJavaScript("var el=document.getElementById('user');el.style.backgroundColor='yellow';", nil)
}
func webView(webView: WKWebView, didFailProvisionalNavigation navigation: WKNavigation!, withError error: NSError) {
print(error)
}
override func didReceiveMemoryWarning() {
super.didReceiveMemoryWarning()
// Dispose of any resources that can be recreated.
}
}
这是什么问题?
顺便说一句,我可以在真实设备上访问。 我无法仅在模拟器上访问。
最佳答案
应用程序传输安全涉及的不仅仅是 HTTPS (TLS)。它还涉及可能允许也可能不允许的特定类型的密码和证书。
您可以在这里找到详细信息:
Requirements for Connecting Using ATS
The requirements for a web service connection to use App Transport Security (ATS) involve the server, connection ciphers, and certificates, as follows:
- Certificates must be signed with one of the following types of keys:
- Secure Hash Algorithm 2 (SHA-2) key with a digest length of at least 256 (that is, SHA-256 or greater)
- Elliptic-Curve Cryptography (ECC) key with a size of at least 256 bits
- Rivest-Shamir-Adleman (RSA) key with a length of at least 2048 bits
An invalid certificate results in a hard failure and no connection.
- The following connection ciphers support forward secrecy (FS) and work with ATS:
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
“好的”选项是重新配置您的服务器以使用适当的密码和证书。否则,您可以全局或更精细地禁用所有站点或仅针对特定域和/或子域的检查。异常(exception)情况越“严格”越好。
关于ios - 为什么无法访问?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/34133430/