iOS:URLRequest错误域= NSURLErrorDomain代码= -1202“此服务器的证书无效
我正在尝试实现一个请求:
func makeRequest(urlStr: String) {
let session = URLSession.shared
let url = URL(string: urlStr)!
let task = session.dataTask(with: url, completionHandler: { data, response, error in
if error != nil {
print(error)
}
})
task.resume()
}
但是我需要安装证书,并且生成证书并手动安装在设备上:
ex +'/BEGIN CERTIFICATE/,/END CERTIFICATE/p' <(echo | openssl s_client -showcerts -connect myDomain.io:8243) -scq > file.crt
当我发出请求时,出现此错误:
- some : Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “myDomain.io” which could put your confidential information at risk." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x281cd4870>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9813, NSErrorPeerCertificateChainKey=(
"<cert(0x106002800) s: localhost i: localhost>"
), NSUnderlyingError=0x2820acd80 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x281cd4870>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9813, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9813, kCFStreamPropertySSLPeerCertificates=(
"<cert(0x106002800) s: localhost i: localhost>"
)}}, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “myDomain.io” which could put your confidential information at risk., NSErrorFailingURLKey=https://myDomain.io:8243, NSErrorFailingURLStringKey=https://myDomain.io:8243, NSErrorClientCertificateStateKey=0}
你们中的任何人都知道为什么或如何解决此问题?还是应用程序可以在设备中识别证书的方式?
非常感谢您的帮助。
1 个答案:
答案 0 :(得分:0)
使用以下代码进行证书固定。将您的公钥证书添加到应用中。
let config = URLSessionConfiguration.default
let session = URLSession(configuration: config, delegate: self, delegateQueue: nil)
guard let url1 = URL.init(string: "Your URL") else {
return
}
var request = URLRequest.init(url: url1)
let task = session?.dataTask(with: request) { (data, response, error) in
}
extension yourClassName : URLSessionDelegate {
public func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust) {
if let serverTrust = challenge.protectionSpace.serverTrust {
var secresult = SecTrustResultType.invalid
let status = SecTrustEvaluate(serverTrust, &secresult)
if (errSecSuccess == status) {
if let serverCertificate = SecTrustGetCertificateAtIndex(serverTrust, 0) {
let serverCertificateData = SecCertificateCopyData(serverCertificate)
let data = CFDataGetBytePtr(serverCertificateData)
let size = CFDataGetLength(serverCertificateData)
let cert1 = NSData(bytes: data, length: size)
var file_der: String?
if let certName = "certiifcate Name", let certType = "certicifateType" {
file_der = Bundle.main.path(forResource: certName, ofType: certType)
}
if let file = file_der {
if let cert2 = NSData(contentsOfFile: file) {
completionHandler(URLSession.AuthChallengeDisposition.useCredential, URLCredential(trust: serverTrust))
return
// }
}
}
}
}
}
}
// Pinning failed
completionHandler(URLSession.AuthChallengeDisposition.cancelAuthenticationChallenge, nil)
}
}
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?