带有自签名证书的 HTTPS iOS [英] Https iOS with self signed certificate

问题描述

我有一台带有自签名证书的服务器.我想用 https 形式将我的设备与服务器连接.我听说我必须接受连接.但我不知道如何.我有一个自签名证书，因为它是一个测试服务器.但我想用 https 形式访问它?当我尝试使用 https 访问时出现错误:

I have a server with a self signed certificate . I want to connect my device with the server with https form . I hear that I must just accept the connexion . But I don t know how . I have a self signed certificate because it is a test server. But I want to access it with https form? When I try to access with https I have an error :

SURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)

然后它是一个自签名证书.

Then it is a self signed certificate .

有人可以帮助我吗?

推荐答案

默认情况下，Cocoa 在证书无效时拒绝所有 SSL 连接.

By default, Cocoa refuses all SSL connections when the certificate is invalid.

但是，您可以强制他们接受无效的证书.该方法取决于您使用的库/框架.例如:

However, you can force them to accept also invalid certificates. The method depends on which library/framework you are using. For example:

• 对于 NSURLConnection，请查看这个答案.
• 对于 ASIHTTPRequest，您需要将属性 validatesSecureCertificate 设置为 NO.
• 对于 AFNetworking，您可以在此页面中检查要使用的代码.莉>
• 对于低级 Foundation 框架 CFNetwork，请查看此示例代码.
• 对于 SURLConnection，看起来您正在使用，您需要遵循 NSURLConnection 的相同说明.事实上，SURLConnection 只是 NSURLConnection 的一个子类.

• For NSURLConnection, check this answer.
• For ASIHTTPRequest, you need to set the property validatesSecureCertificate to NO.
• For AFNetworking, you can check the code to use in this page
• For CFNetwork, the low-level Foundation framework, check this sample code.
• For SURLConnection, which looks like you're using, you need to follow the same instructions for NSURLConnection. Indeed, SURLConnection is just a subclass of NSURLConnection.

重要说明:
上面的代码，接受任何一种SSL证书，即使是无效的，也是一个严重的安全隐患.基本上，它使整个 SSL 变得无用.因此，如果您确实需要使用 SSL 连接进行测试，您应该仅在开发期间使用该代码.
另请注意，Apple 将拒绝提交到 App Store 的任何接受无效 SSL 证书的应用程序.

Important note:
The code above, to accept any kind of SSL certificate, even if invalid, is a serious security risk. Basically, it makes the whole SSL useless. As a consequence, you should use that code only during development, if you really need to test with SSL connections.
Please also note that Apple will reject any application submitted to the App Store that accepts invalid SSL certificates.

这篇关于带有自签名证书的 HTTPS iOS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！