我有一个直接连接到硬件路由器的应用程序。从 iOS 9
开始,我更新了 AFNetworking
,现在我在尝试通过 https
连接时遇到 ssl
错误。
这不是 iOS 9
App Transport Security
问题,因为我添加了相关的 .plist
条目以绕过它和连接在 http
上正常工作。
我需要绕过证书检查,因为每个路由器都有自己的自签名证书,所以我显然不能将证书添加到我的应用程序中,因为每个用户都是不同的。
我使用 AFHTTPRequestOperation
子类进行连接并设置了 self.securityPolicy.allowInvalidCertificates = YES;
但我收到以下错误:
Error during connection: Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={_kCFStreamErrorCodeKey=-9806, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSUnderlyingError=0x7fa9f3611b40 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSErrorFailingURLStringKey=https://myserver.com:4780/Info.htm, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFNetworkCFStreamSSLErrorOriginalValue=-9806, _kCFStreamPropertySSLClientCertificateState=0, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., _kCFStreamErrorDomainKey=3, NSErrorFailingURLKey=https://myserver.com:4780/Info.htm, _kCFStreamErrorCodeKey=-9806}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://myserver.com:4780/Info.htm, NSErrorFailingURLStringKey=https://myserver.com:4780/Info.htm, _kCFStreamErrorDomainKey=3}
我也尝试添加 setWillSendRequestForAuthenticationChallengeBlock:
但是该 block 永远不会被调用。
有人可以帮忙吗?
谢谢
编辑 -----
设置 self.securityPolicy.validatesDomainName = NO;
也不起作用。请问是不是硬件证书类型的问题。
编辑 2 ----- 这是证书
New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : SSLv3 Cipher : DES-CBC3-SHA Session-ID: 010000000C6B8632215649C0665E9DCC9EC59E22F8F021672B6B50B84222A342 Session-ID-ctx: Master-Key: D71EC7D8F7A4A3581E25CDAD9C532B2C7B4DA8B513AF337095496B575F525CFBA02A40797B2D2A4F0B5911EFEFC3623F Key-Arg : None Start Time: 1443102149 Timeout : 300 (sec) Verify return code: 18 (self signed certificate)
编辑 3 --------
将这段代码添加到我的 AFHTTPRequestOperation
子类中可以使其在 iOS 8 上运行,但在 iOS 9 上什至不会调用该 block 。
[self setWillSendRequestForAuthenticationChallengeBlock:^(NSURLConnection * _Nonnull connection, NSURLAuthenticationChallenge * _Nonnull challenge)
{
NSLog(@"**** HERE ****");
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
{
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
}
[challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}];
最佳答案
AFSecurityPolicy *securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeNone];
securityPolicy.allowInvalidCertificates = YES;
manager.securityPolicy = securityPolicy;
关于ios - AFNetworking 需要绕过 ssl 检查,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/32692855/