如何使用NSURLConnection连接SSL以获取不受信任的证书? [英] How to use NSURLConnection to connect with SSL for an untrusted cert?
问题描述
我有以下简单的代码连接到SSL网页
I have the following simple code to connect to a SSL webpage
NSMutableURLRequest *urlRequest=[NSMutableURLRequest requestWithURL:url];
[ NSURLConnection sendSynchronousRequest: urlRequest returningResponse: nil error: &error ];
如果证书是自签名证书,则会出现错误错误域= NSURLErrorDomain代码= -1202 UserInfo = 0xd29930不受信任的服务器证书。有没有办法将它设置为接受连接(就像在浏览器中你可以按接受)或绕过它的方法?
Except it gives an error if the cert is a self signed one Error Domain=NSURLErrorDomain Code=-1202 UserInfo=0xd29930 "untrusted server certificate". Is there a way to set it to accept connections anyway (just like in a browser you can press accept) or a way to bypass it?
推荐答案
有一个支持的API来完成这个!将这样的内容添加到 NSURLConnection 委托:
There is a supported API for accomplishing this! Add something like this to your NSURLConnection delegate:
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {
return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
if ([trustedHosts containsObject:challenge.protectionSpace.host])
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
[challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}
请注意 connection:didReceiveAuthenticationChallenge:可以在稍后向用户显示对话框之后将其消息发送到challenge.sender(等等)。
Note that connection:didReceiveAuthenticationChallenge: can send its message to challenge.sender (much) later, after presenting a dialog box to the user if necessary, etc.
这篇关于如何使用NSURLConnection连接SSL以获取不受信任的证书?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
