自签名证书iOS

时间:2016-11-02 14:28:18

标签: ios ssl swift3 alamofire

我正在尝试配置我的iOS应用以接受自签名证书。 我试图通过点击按钮获取数据。以下是我目前使用的代码:

private var manager : SessionManager?

func setManager(url: String) {
    let serverTrustPolicies: [String: ServerTrustPolicy] = [
        url: .disableEvaluation
    ]

    let configuration = URLSessionConfiguration.default
    configuration.httpAdditionalHeaders = Alamofire.SessionManager.defaultHTTPHeaders

    manager = Alamofire.SessionManager(
        configuration: configuration,
        serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
    )
}

@IBAction func nonCertifiedClick(_ sender: UIButton) {
    outputText.text = ""

    setManager(url: "sand.xxx.int:16443")
    manager?.request("https://sand.xxx.int:16443/version").response { response in
        debugPrint("R: \(response)")

        if let data = response.data, let utf8Text = String(data: data, encoding: .utf8) {
            print("Data: \(utf8Text)")
            self.outputText.text = utf8Text
        }
    }
}

我的Info.plist文件具有以下配置:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict> 

但是当执行请求时,我得到以下响应:

NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)
"R: DefaultDataResponse(request: Optional(https://sand.xxx.int:16443/version), response: nil, data: Optional(0 bytes), 
error: Optional(Error Domain=NSURLErrorDomain Code=-1202 \"The certificate for this server is invalid. You might be connecting to a server that is pretending to be “sand.xxx.int” which could put your confidential information at risk.\" 
UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x600000105730>, 
NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, 
_kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9813, 
NSErrorPeerCertificateChainKey=(\n    \"<cert(0x7fcf8b81e800) s: sand i: sand>\"\n), 
NSUnderlyingError=0x60000005f440 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 \"(null)\" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, 
kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x600000105730>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9813, 
_kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9813, 
kCFStreamPropertySSLPeerCertificates=(\n    \"<cert(0x7fcf8b81e800) s: sand i: sand>\"\n)}},

NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “sand.xxx.int” which could put your confidential information at risk., 
NSErrorFailingURLKey=https://sand.xxx.int:16443/version,
 NSErrorFailingURLStringKey=https://sand.xxx.int:16443/version, NSErrorClientCertificateStateKey=0}), 
_metrics: Optional((Task Interval) <_NSConcreteDateInterval: 0x600000224e40> (Start Date) 2016-11-02 14:13:57 +0000 + (Duration) 0.381569 seconds = (End Date) 2016-11-02 14:13:58 +0000\n(Redirect Count) 0\n(Transaction Metrics) (Request) <NSURLRequest: 0x600000200120> { URL: https://sand.xxx.int:16443/version }\n(Response) (null)\n(Fetch Start) 2016-11-02 14:13:57 +0000\n(Domain Lookup Start) (null)\n(Domain Lookup End) (null)\n(Connect Start) (null)\n(Secure Connection Start) (null)\n(Secure Connection End) (null)\n(Connect End) (null)\n(Request Start) 2016-11-02 14:13:57 +0000\n(Request End) 2016-11-02 14:13:57 +0000\n(Response Start) 2016-11-02 14:13:57 +0000\n(Response End) (null)\n(Protocol Name) (null)\n(Proxy Connection) NO\n(Reused Connection) YES\n(Fetch Type) Unknown\n\n))"
Data: 

我正在使用Xcode 8.1Swift3Alamofire4上对此进行测试。 我在这里误解了什么才能让它正常工作?

更新(答案) 如果有人遇到同样的问题,问题是服务器的SSL证书。证书需要至少使用SHA256算法进行签名,但我的签名是SHA1。

1 个答案:

答案 0 :(得分:1)

我遇到了同样的问题。但是使用你的问题,我找到了解决方案。 Tnx ..

这是我的解决方案。它适用于swift 3

创建一个类 SecurityCertificateManager

import Foundation
import Alamofire


class SecurityCertificateManager {
    static let sharedInstance = SecurityCertificateManager()

    let defaultManager: Alamofire.SessionManager = {
        let serverTrustPolicies: [String: ServerTrustPolicy] = [
            "272.73.41.156": .disableEvaluation
        ]

        let configuration = URLSessionConfiguration.default
        configuration.httpAdditionalHeaders = Alamofire.SessionManager.defaultHTTPHeaders

        return Alamofire.SessionManager(
            configuration: configuration,
            serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
        )
    }()
}

viewDIdLoad

中将其命名为
let baseUrl ="https://272.73.41.156/cas/tickets?"+"username="+userEmail.text!+"&password="+userPassword.text!
        print("Base url : \(baseUrl)")

        let params2 = ["nostring": "nodata", "nostring": "nodata",]

        SecurityCertificateManager.sharedInstance.defaultManager.request(baseUrl, method: .post, parameters: params2, encoding: JSONEncoding.default, headers: ["Content-Type":"application/x-www-form-urlencoded"]).responseJSON { (response:DataResponse<Any>) in

            switch(response.result) {
            case .success(_):
                if response.result.value != nil{
                    print("response : \(response.result.value)")
                }
                break

            case .failure(_):
                print("Failure : \(response.result.error)")
                break

            }
        }

它适用于Swift3