快速afnetworking SSL固定

本文介绍了快速afnetworking SSL固定的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

var manager：AFHTTPSessionManager

var manager: AFHTTPSessionManager

init() { manager = AFHTTPSessionManager() manager.requestSerializer = AFJSONRequestSerializer() manager.responseSerializer = AFJSONResponseSerializer() let securityPolicy = AFSecurityPolicy(pinningMode: AFSSLPinningMode.Certificate) let certificatePath = NSBundle.mainBundle().pathForResource("c38acbe05a6328ee", ofType: "crt")! let certificateData = NSData(contentsOfFile: certificatePath)! securityPolicy.pinnedCertificates = [certificateData] securityPolicy.validatesDomainName = false securityPolicy.allowInvalidCertificates = false manager.securityPolicy = securityPolicy }

我一直在努力使它工作一段时间。 Swift文档很少，但是我在阅读obj-c方面越来越好。该证书采用PEM格式，我已经尝试过并将其转换为.der格式。 Der格式在init（）中被炸毁，.PEM格式在evaluateServerTrust中被炸毁。我在AFNetworking 2.5.1中尝试过并升级到3.0.4-同样的问题。我已经尝试过以下每种对错组合。

I've been trying to get this working for some time now. Swift documentation is sparce, but I'm getting better at reading obj-c. The cert is in PEM format, I've tried that and converting to .der format. Der format blows up in init(), .PEM format blows up in evaluateServerTrust. I tried in AFNetworking 2.5.1 and upgraded to 3.0.4 - same issue. I've tried every combination of true and false for the following.

securityPolicy.validatesDomainName = false securityPolicy.allowInvalidCertificates = false

securityPolicy.validatesDomainName = false securityPolicy.allowInvalidCertificates = false

任何见识将不胜感激。谢谢

Any insight would be greatly appreciated. Thank you

推荐答案

经过大量研究和试用……我决定迁移到Alamofire 3.0，解决方案问世了。 请注意以下几点：$ b​​ $ b证书必须为.der格式。我的是.pem格式。 我的证书用于叶子，即不包括证书链。 对于iOS 9.0，我必须为服务器添加ATS传输。

After much research and trial ... I decide to move to Alamofire 3.0 and the solution came. Note the following: The certificate must be in .der format. Mine was in .pem format. My certifcate was for the "leaf" i.e, the certificate chain was not included. For iOS 9.0 I had to add the ATS transport for my server.

工作示例：

var manager: Manager init() { let serverTrustPolicies: [String: ServerTrustPolicy] = [ "myserver": .PinCertificates( certificates: ServerTrustPolicy.certificatesInBundle(), validateCertificateChain: false, validateHost: true ) ] manager = Alamofire.Manager(configuration: NSURLSessionConfiguration.defaultSessionConfiguration(), serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)) } let email = defaults.objectForKey("email") as? String let beacon = defaults.objectForKey("beacon") as? String let credential = NSURLCredential(user: email!, password: beacon!, persistence: NSURLCredentialPersistence.ForSession) manager.request(.GET, url, encoding: .JSON) .authenticate(usingCredential: credential) .responseJSON { response in switch response.result { case .Success(let data): print(data) self.delegate?.didReceivePersonResults!(data as! NSDictionary) case .Failure(let error): print(error) self.delegate?.didReceivePersonError!("Server Error") } }