如何在iOS中检查SSL证书的安全性？ [英] How to check the security of the SSL certificate in iOS?

问题描述

我想检查天气，网址中存在的SSL cetificate也想检查其版本和验证类型。

I wann check weather the SSL cetificate is present in the URL also wants to check its version and validation type.

我创建了一个应用程序，我在调用它NSURLConnection委托通过服务器发送请求的方法。

I have created a application where I am calling the NSURLConnection delegate methods to send request over a server.

还使用canAuthenticateAgainstProtectionSpace方法，但是一旦连接是这个方法就不会被调用已建立。

Also used "canAuthenticateAgainstProtectionSpace" method, but this method is not getting called once the connection is established.

任何人都可以告诉我如何实现这一目标。

Can anyone tell me how to achieve this.

推荐答案

iOS不会为您提供非常精细的证书信息访问权限。您有两种选择：私有API或使用OpenSSL构建您自己的评估程序。

iOS does not give you very granular access to certificate information. You have two choices: private APIs or build your own evaluator with OpenSSL.

您可以在开源代码。该版本可从 SecCertificateVersion（）获得。我不确定你的验证类型是什么意思。

You can see the private certificate functions in the opensource code. The version is available from SecCertificateVersion(). I'm not certain what you mean by "validation type" here.

要使用OpenSSL执行此操作，您可以使用 SecCertificateCopyData获取DER数据（）然后自己解析所有内容。

To do this with OpenSSL, you can get the DER data with SecCertificateCopyData() and then parse everything yourself.

我建议在此问题上打开雷达（bugreporter.apple.com）。无法访问有关证书的基本信息是一个严重的问题。

I suggest opening a radar (bugreporter.apple.com) on this issue. The lack of access to basic information about the certificate is a serious problem.

如果您正在寻找从中提取证书的示例代码NSURLConnection ，请参阅第11章来自 iOS：PTL 的示例代码：

If you're looking for sample code that extracts the certificate from the NSURLConnection, see the Chapter 11 sample code from iOS:PTL:

- (void)connection:(NSURLConnection *)connection
  willSendRequestForAuthenticationChallenge:
  (NSURLAuthenticationChallenge *)challenge
{
  NSURLProtectionSpace *protSpace = challenge.protectionSpace;
  SecTrustRef trust = protSpace.serverTrust;
  ...
    SecCertificateRef cert = SecTrustGetCertificateAtIndex(trust, 0);
  ...

此时，证书持有你的叶子证书。

At this point, cert holds your leaf certificate.

这篇关于如何在iOS中检查SSL证书的安全性？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！