AFNetworking 2.0证书未读

时间:2013-12-02 20:45:21

标签: ios7 afnetworking-2

我使用代码来读取JSON数据:

[[DVAPIManager sharedManager] setUsername:user andPassword:pass];

NSLog(@"Using %d pinned certificates", [[DVAPIManager sharedManager].securityPolicy.pinnedCertificates count]);
[[DVAPIManager sharedManager] GET:@"/areas" parameters:nil success:^(AFHTTPRequestOperation *operation, id responseObject) {
            NSLog(@"JSON: %@", responseObject);
} failure:^(AFHTTPRequestOperation *operation, NSError *error) {
            NSLog(@"Error: %@", error);
}];

但我出于调试原因的NSLong给出了:使用0个固定证书

我已经将apache.cer文件复制到项目中,也复制到我的单例类文件中:

- (id)initWithBaseURL:(NSURL *)url
{
    self = [super initWithBaseURL:url];
    if(!self)
        return nil;

    self.requestSerializer = [AFJSONRequestSerializer serializer];

    [[AFNetworkActivityIndicatorManager sharedManager] setEnabled:YES];
    AFSecurityPolicy *mySecurityPolicy = [[AFSecurityPolicy alloc] init];
    [mySecurityPolicy setSSLPinningMode:AFSSLPinningModeCertificate];


    [self  setSecurityPolicy:mySecurityPolicy];


    return self;
}

当我跑步时,我收到错误:

  

错误:错误域= NSURLErrorDomain代码= -1012“操作无法完成。(NSURLErrorDomain错误-1012。)

知道为什么不能获取JSON数据以及为什么系统无法读取my.cer文件?

当我尝试手动读取.cer文件时

[mySecurityPolicy setPinnedCertificates:[[NSArray alloc] initWithObjects:@"apache.cer", nil]];

它崩溃!!

2 个答案:

答案 0 :(得分:4)

我通过手动加载证书来获得我的证书:

- (void)setupSSL
{
    self.securityPolicy.SSLPinningMode = AFSSLPinningModePublicKey;
    NSString *sslPublicKeyPath = [[NSBundle mainBundle] pathForResource:@"mydomain" ofType:@"cer"];
    NSData *sslPublicKey = [NSData dataWithContentsOfFile:sslPublicKeyPath];
    [self.securityPolicy setPinnedCertificates:@[
        sslPublicKey
    ]];
}

我用我的pem生成了我的密钥:

openssl x509 -in mydomain.pem -out mydomain.cer -outform der

答案 1 :(得分:1)

我解决了在我的单例类中添加此代码以读取证书文件:

NSString* fileRoot = [[NSBundle mainBundle] pathForResource:@"apache" ofType:@"cer"];

NSData *certData = [[NSData alloc] initWithContentsOfFile:fileRoot];

self.requestSerializer = [AFJSONRequestSerializer serializer];

[[AFNetworkActivityIndicatorManager sharedManager] setEnabled:YES];
AFSecurityPolicy *mySecurityPolicy = [[AFSecurityPolicy alloc] init];
[mySecurityPolicy setSSLPinningMode:AFSSLPinningModeCertificate];

[mySecurityPolicy setAllowInvalidCertificates:YES];
[mySecurityPolicy setPinnedCertificates:[[NSArray alloc] initWithObjects:certData, nil]];

可能是.cer文件的默认读取它不起作用,你必须手动完成(如上面的代码)

相关问题
最新问题