带证书的swift REST请求返回错误(代码-999)

时间:2018-01-17 14:47:58

标签: json swift rest ssl-certificate alamofire

所以我向我的服务器请求登录(我传递登录名,密码和deviceId)。结果我得到“令牌”作为字符串。我还需要添加证书来访问我的REST。

但我的代码无效。

#!/bin/bash

echo "Enter PIN, please"
read pin

grep "${pin}" pins.txt | cut -d' ' -f2,3

因此,每当我在控制器中调用该登录请求方法时(例如,在按下按钮登录后),我会收到以下错误:

class RestService {

private init(){}
static let shared = RestService()
var loginData:NSDictionary?


class func getCertificates() -> [SecCertificate]{
    let url = Bundle.main.url(forResource: "certf", withExtension: "cer")!
    let localCertificate = try! Data(contentsOf: url) as CFData
    guard let certificate = SecCertificateCreateWithData(nil, localCertificate) else {return[]}
    return [certificate]
}

let almgr:Alamofire.SessionManager = {
    let certificates = getCertificates()
    let trustPolicy = ServerTrustPolicy.pinCertificates(certificates: certificates, validateCertificateChain: true, validateHost: true)
    let serverTrustPolicies = ["liper":trustPolicy]
    let serverTrustPolicyManager = ServerTrustPolicyManager(policies: serverTrustPolicies)

    let configuration = URLSessionConfiguration.default
    configuration.httpAdditionalHeaders = Alamofire.SessionManager.defaultHTTPHeaders
    let man = Alamofire.SessionManager(configuration: URLSessionConfiguration.default, serverTrustPolicyManager: serverTrustPolicyManager)
    return man
}()


func loginRest(login:String, password:String, deviceId:String){
            let urlStr = RestServices.REST_MAIN_URL + RestServices.REST_LOGIN
            let params = ["login":login, "password":password, "deviceId":deviceId]
            let headers: HTTPHeaders = ["Content-Type": "application/json"]

            RestService.shared.almgr.request(urlStr, method: .post, parameters: params, encoding: JSONEncoding.default, headers: headers).responseJSON { (response) in
                let _ =  RestService.shared.almgr
                switch response.result {
                case .success:
                    print("\(self.TAG), receiving response from login with \(response)")
                    guard let receivedResponse = try! JSONSerialization.jsonObject(with: response.data!, options: []) as? [String:Any] else {
                        print("\(self.TAG), Error parsing response from login for json")
                        return
                    }
                    if let token:String = receivedResponse["token"] as? String {
                        print("\(self.TAG), \(token)")
                    } else {
                        print("\(self.TAG), error receiving token")
                        if let errorMessage:String = receivedResponse["status"] as? String {
                            print("\(self.TAG), error message for login with received response status: \(errorMessage)")
                        }
                        return
                    }


                case .failure(let error):
                    print("\(self.TAG), error receiving response for login with \(error)")
                    return
                }
            }
        }
    }

我100%确定我正在传递正确的值并提出正确的请求,但我总是得到这些错误。我做错了什么?

1 个答案:

答案 0 :(得分:1)

所以我明白了。问题出在于定义信任政策:

let almgr:Alamofire.SessionManager = {
    let certificates = getCertificates()
    let trustPolicy = ServerTrustPolicy.pinCertificates(certificates: certificates, validateCertificateChain: true, validateHost: true)
// Here I had to modify that dict: (with port and with .disableEvaluation)
    let serverTrustPolicies = ["liper:8000":trustPolicy, "liper":.disableEvaluation]
    let serverTrustPolicyManager = ServerTrustPolicyManager(policies: serverTrustPolicies)

    let configuration = URLSessionConfiguration.default
    configuration.httpAdditionalHeaders = Alamofire.SessionManager.defaultHTTPHeaders
    let man = Alamofire.SessionManager(configuration: URLSessionConfiguration.default, serverTrustPolicyManager: serverTrustPolicyManager)
    return man
}()

现在工作得很好。有什么奇怪的,我必须添加端口到证书固定,因为没有它我得到ATS错误的错误证书。并且.disableEvaluation也必须没有端口..另外,正如@MAhipal Singh所提到的,我不得不修改info.plist:

“在info.plist中添加它可能解决:NSAppTransportSecurity NSAllowsArbitraryLoads”