具有自签名证书的NSURLSession +服务器

本文介绍了具有自签名证书的NSURLSession +服务器的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我有一个生产的应用程序以及一个具有自签名证书的开发服务器。

I have an app that is production along with a development server that has a self signed certificate.

我正在尝试测试 NSURLSession 和后台下载但似乎无法超越 - （void）URLSession：（NSURLSession *）session didReceiveChallenge：（NSURLAuthenticationChallenge *）challenge completionHandler： （void（^）（NSURLSessionAuthChallengeDisposition disposition，NSURLCredential * credential））completionHandler

I am attempting to test NSURLSession and background downloading but can't seem to get past - (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler

当我使用 NSURLConnection 我能够绕过它：

When I use NSURLConnection I am able to bypass it using:

- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace { NSLog(@"canAuthenticateAgainstProtectionSpace %@", [protectionSpace authenticationMethod]); return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]; } - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { NSLog(@"didReceiveAuthenticationChallenge %@ %zd", [[challenge protectionSpace] authenticationMethod], (ssize_t) [challenge previousFailureCount]); [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge]; }

但我无法弄清楚如何使用 NSURLSession >> :(

But I can't figure out how to get this to work with NSURLSession >:(

这是我目前的（不起作用）：

This is what I have currently (that doesn't work):

- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler { NSLog(@"NSURLSession did receive challenge."); completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]); }

我还尝试创建一个 NSURLSession 的类别将允许主机的任何证书：

I also tried creating a category of NSURLSession that would allow any certificate for a host:

#import "NSURLRequest+IgnoreSSL.h" @implementation NSURLRequest (IgnoreSSL) + (BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host { return YES; } + (void)setAllowsAnyHTTPSCertificate:(BOOL)allow forHost:(NSString*)host {} @end

这似乎也没有帮助。

编辑

I已更新此方法以返回：

I've updated this method to return:

- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler { //Creates credentials for logged in user (username/pass) NSURLCredential *cred = [[AuthController sharedController] userCredentials]; completionHandler(NSURLSessionAuthChallengeUseCredential, cred); }

哪些仍然无效。

推荐答案

对我来说，你的第一个例子工作正常。我已经使用以下代码测试没有问题（它当然非常不安全，因为它允许任何服务器证书）。

For me your first example is working fine. I have tested with the following code without problems (it is of course very insecure since it allows any server certificate).

@implementation SessionTest - (void) startSession { NSURL *url = [NSURL URLWithString:@"self-signed.server.url"]; NSURLSessionConfiguration *defaultConfigObject = [NSURLSessionConfiguration defaultSessionConfiguration]; NSURLSession *defaultSession = [NSURLSession sessionWithConfiguration: defaultConfigObject delegate: self delegateQueue: [NSOperationQueue mainQueue]]; NSURLSessionDataTask * dataTask = [defaultSession dataTaskWithURL:url completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) { if(error == nil) { NSString * text = [[NSString alloc] initWithData: data encoding: NSUTF8StringEncoding]; NSLog(@"Data: %@",text); } else { NSLog(@"Error: %@", error); } }]; [dataTask resume]; } - (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler { completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]); } @end

更新：这是班级接口，SessionTest类是NSURLSessionDataDelegate，用于启动数据下载，创建一个SessionTest对象并调用startSession方法。

Update: This is the class interface, the SessionTest class is the NSURLSessionDataDelegate, to start the data download you create a SessionTest object and call the startSession method.

@interface SessionTest : NSObject <NSURLSessionDelegate> - (void) startSession; @end