Certificate chain 0 s:/OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=ssl279233.cloudflaressl.com i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2 -----BEGIN CERTIFICATE----- MIIHlDCCBzmgAwIBAgIRAPihThYIpoQha3AG/hNj9TcwCgYIKoZIzj0EAwIwgZIx CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV BAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTgwNgYDVQQD Ey9DT01PRE8gRUNDIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0Eg MjAeFw0xNjAxMDUwMDAwMDBaFw0xNjEyMzEyMzU5NTlaMGwxITAfBgNVBAsTGERv bWFpbiBDb250cm9sIFZhbGlkYXRlZDEhMB8GA1UECxMYUG9zaXRpdmVTU0wgTXVs dGktRG9tYWluMSQwIgYDVQQDExtzc2wyNzkyMzMuY2xvdWRmbGFyZXNzbC5jb20w WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASDqiHAaHhm92+X/4UZIUpMb2smkyRK MI175Kb2xEbOAFJASRFcbjwqb08lbShxn9AXWV4HKUlg52pEPPA5D/9Do4IFkzCC BY8wHwYDVR0jBBgwFoAUQAlhZ/C8g3FP3hIILG/U1Ct2PZYwHQYDVR0OBBYEFEe4 ChCbKiqR1Ewb7KZyXF6A0k7OMA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAA MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBPBgNVHSAESDBGMDoGCysG AQQBsjEBAgIHMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5j b20vQ1BTMAgGBmeBDAECATBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLmNv bW9kb2NhNC5jb20vQ09NT0RPRUNDRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZl ckNBMi5jcmwwgYgGCCsGAQUFBwEBBHwwejBRBggrBgEFBQcwAoZFaHR0cDovL2Ny dC5jb21vZG9jYTQuY29tL0NPTU9ET0VDQ0RvbWFpblZhbGlkYXRpb25TZWN1cmVT ZXJ2ZXJDQTIuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC5jb21vZG9jYTQu Y29tMIID2gYDVR0RBIID0TCCA82CG3NzbDI3OTIzMy5jbG91ZGZsYXJlc3NsLmNv bYIYKi5hbnRpcXVlYWR2ZXJ0aXNpbmcuY29tggsqLmNjbm93LmNvbYITKi5jaGlj bG9jYXRpb25zLmNvbYIQKi5jai1qYWNrc29uLmNvbYIUKi5jb3Vyc2VjcnVzaGVy cy5jb22CESouZWNvc3lzdGVtaHEuY29tghUqLmZpZ2h0Y2Vuc29yc2hpcC5vcmeC FiouZ29ic21hY2tjb21pY3MuY28udWuCDiouZ29mdW5ib3guY29tgg4qLmdvZnVu Ym94Lm5ldIIOKi5nb2Z1bmJveC5vcmeCDCouaG92ZWxvLmNvbYITKi5sZXRtZXdh dGNodGhpcy5sdYIYKi5uZXdvcmxlYW5zbW9tc2Jsb2cuY29tghsqLm5pbnRlbmRv Zm9yY2VtYWdhemluZS5jb22CEyoubm9icm9rZW5kcmlwcy5jb22CDyoub3BlbnRl Y2guZnVuZIIgKi5wYXR0YXlhZ3Vlc3RmcmllbmRseWhvdGVscy5jb22CDCoucHJl aXNrLmNvbYIYKi5yYXBpZGFjdGlvbmNlbnRyYWwuY29tgg8qLnNvbGFybW92aWUu bHWCEyoudG9wc21hcmtldGluZy5jb22CDioudm9zY3JlZW4uY29tghgqLnlvdXJ0 aXJlc2hvcHN1cHBseS5jb22CFmFudGlxdWVhZHZlcnRpc2luZy5jb22CCWNjbm93 LmNvbYIRY2hpY2xvY2F0aW9ucy5jb22CDmNqLWphY2tzb24uY29tghJjb3Vyc2Vj cnVzaGVycy5jb22CD2Vjb3N5c3RlbWhxLmNvbYITZmlnaHRjZW5zb3JzaGlwLm9y Z4IUZ29ic21hY2tjb21pY3MuY28udWuCDGdvZnVuYm94LmNvbYIMZ29mdW5ib3gu bmV0ggxnb2Z1bmJveC5vcmeCCmhvdmVsby5jb22CEWxldG1ld2F0Y2h0aGlzLmx1 ghZuZXdvcmxlYW5zbW9tc2Jsb2cuY29tghluaW50ZW5kb2ZvcmNlbWFnYXppbmUu Y29tghFub2Jyb2tlbmRyaXBzLmNvbYINb3BlbnRlY2guZnVuZIIecGF0dGF5YWd1 ZXN0ZnJpZW5kbHlob3RlbHMuY29tggpwcmVpc2suY29tghZyYXBpZGFjdGlvbmNl bnRyYWwuY29tgg1zb2xhcm1vdmllLmx1ghF0b3BzbWFya2V0aW5nLmNvbYIMdm9z Y3JlZW4uY29tghZ5b3VydGlyZXNob3BzdXBwbHkuY29tMAoGCCqGSM49BAMCA0kA MEYCIQDtuNv9uln2jYTMAkrYQwRme8FHl7orN/FX03uQrIK0ZQIhAPR29giciodd 3DMcaoqSXvJoDB8SY0ieKwWvFXZoq+fZ -----END CERTIFICATE----- 1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2 i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Certification Authority -----BEGIN CERTIFICATE----- MIIDnzCCAyWgAwIBAgIQWyXOaQfEJlVm0zkMmalUrTAKBggqhkjOPQQDAzCBhTEL MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwOTI1MDAw MDAwWhcNMjkwOTI0MjM1OTU5WjCBkjELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N T0RPIENBIExpbWl0ZWQxODA2BgNVBAMTL0NPTU9ETyBFQ0MgRG9tYWluIFZhbGlk YXRpb24gU2VjdXJlIFNlcnZlciBDQSAyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD QgAEAjgZgTrJaYRwWQKOqIofMN+83gP8eR06JSxrQSEYgur5PkrkM8wSzypD/A7y ZADA4SVQgiTNtkk4DyVHkUikraOCAWYwggFiMB8GA1UdIwQYMBaAFHVxpxlIGbyd nepBR9+UxEh3mdN5MB0GA1UdDgQWBBRACWFn8LyDcU/eEggsb9TUK3Y9ljAOBgNV HQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAECATBMBgNV HR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9FQ0ND ZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDByBggrBgEFBQcBAQRmMGQwOwYIKwYB BQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET0VDQ0FkZFRydXN0 Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC5jb21vZG9jYTQuY29tMAoG CCqGSM49BAMDA2gAMGUCMQCsaEclgBNPE1bAojcJl1pQxOfttGHLKIoKETKm4nHf EQGJbwd6IGZrGNC5LkP3Um8CMBKFfI4TZpIEuppFCZRKMGHRSdxv6+ctyYnPHmp8 7IXOMCVZuoFwNLg0f+cB0eLLUg== -----END CERTIFICATE----- 2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Certification Authority i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root -----BEGIN CERTIFICATE----- MIID0DCCArigAwIBAgIQQ1ICP/qokB8Tn+P05cFETjANBgkqhkiG9w0BAQwFADBv MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD VQQDEyJDT01PRE8gRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MHYwEAYHKoZI zj0CAQYFK4EEACIDYgAEA0d7L3XJghWF+3XkkRbUq2KZ9T5SCwbOQQB/l+EKJDwd AQTuPdKNCZcM4HXk+vt3iir1A2BLNosWIxatCXH0SvQoULT+iBxuP2wvLwlZW6Vb CzOZ4sM9iflqLO+y0wbpo4H+MIH7MB8GA1UdIwQYMBaAFK29mHo0tCb3+sQmVO8D veAky1QaMB0GA1UdDgQWBBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8E BAMCAYYwDwYDVR0TAQH/BAUwAwEB/zARBgNVHSAECjAIMAYGBFUdIAAwSQYDVR0f BEIwQDA+oDygOoY4aHR0cDovL2NybC50cnVzdC1wcm92aWRlci5jb20vQWRkVHJ1 c3RFeHRlcm5hbENBUm9vdC5jcmwwOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUFBzAB hh5odHRwOi8vb2NzcC50cnVzdC1wcm92aWRlci5jb20wDQYJKoZIhvcNAQEMBQAD ggEBAB3H+i5AtlwFSw+8VTYBWOBTBT1k+6zZpTi4pyE7r5VbvkjI00PUIWxB7Qkt nHMAcZyuIXN+/46NuY5YkI78jG12yAA6nyCmLX3MF/3NmJYyCRrJZfwE67SaCnjl lztSjxLCdJcBns/hbWjYk7mcJPuWJ0gBnOqUP3CYQbNzUTcp6PYBerknuCRR2RFo 1KaFpzanpZa6gPim/a5thCCuNXZzQg+HCezF3OeTAyIal+6ailFhp5cmHunudVEI kAWvL54TnJM/ev/m6+loeYyv4Lb67psSE/5FjNJ80zXrIRKT/mZ1JioVhCb3ZsnL jbsJQdQYr7GzEPUQyp2aDrV1aug= -----END CERTIFICATE-----
当我运行openssl s_client -connect xxx:443 -showcerts时 我得到了上面的答复。
我想在AFNetworking中使用ssl固定。我应该使用哪种证书进行SSL固定我使用以下功能进行AFnetworking设置
+(AFSecurityPolicy*)setCertificateSettings
{
AFSecurityPolicy* policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
[policy setValidatesDomainName:NO];
[policy setAllowInvalidCertificates:YES];
return policy;
}
这是证书.pem还是.cer?我应该将此证书转换为特定格式。