UnityWebRequest更改为https [英] UnityWebRequest change to https
问题描述
我在http下具有统一的android应用和站点api的工作基础结构.
I had working infrastructure of unity android app and site api working under http.
最近我已切换服务器并应用了ssl certificate.现在我的api在https下.
Recently I have switched the server and applied ssl certificate. Now my api is under https.
在统一应用中,我正在使用UnityWebRequest与我的api通信.切换到https后的逻辑更改是将应用内的所有api地址从http更改为https.我做到了,但是我的api表现异常. (始终将我自己的错误状态作为响应,而在没有证书的旧服务器上给出良好的响应.)
In unity app I'm using UnityWebRequest to communicate with my api. The logical change after switching to https will be changing all api addressees within the app from http to https. I did this, but my api is behaving weirdly. (Giving my own error status as a response all the time, whereas giving good response on old server without certificate.)
在切换到https时,我还需要更改其他内容吗?
Is there anything extra I need to change with the switch to https?
推荐答案
通常,Unity会自动处理证书并针对已知的根证书对其进行验证,或者根据平台完全忽略它们:
Usually Unity would handle the certificate automatically and validate it against known root certificates or ignore them completely depending on the platform:
UnityWebRequest.certificateHandler:
将此属性设置为null可使平台使用默认的证书验证.某些平台将针对根证书颁发机构存储来验证证书.其他平台将完全绕过证书验证.
UnityWebRequest.certificateHandler:
Setting this property tonullmakes the platform use the default certificate validation. Some platforms will validate certificates against a root certificate authority store. Other platforms will simply bypass certificate validation completely.
但是,如果Unity决定使用第一个,则使用自签名证书将失败.
Using a self-signed certificate, however, will fail if Unity decides for the first.
So, for https with a self-signed certificate you might have to implement a CertificateHandler that implements the method ValidateCertificate.
您可以通过接受全部来绕过证书(这很容易,但是当然会使https毫无意义)
You could either simply bypass the certificate by accepting them all (which is easier but ofcourse would make the https kind of pointless)
public class BypassCertificate : CertificateHandler
{
protected override bool ValidateCertificate(byte[] certificateData)
{
//Simply return true no matter what
return true;
}
}
或者尝试使用公共密钥从文档中获取此示例
Or try this example from the docs with your public key
// Based on https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning#.Net
class AcceptAllCertificatesSignedWithASpecificPublicKey : CertificateHandler
{
// Encoded RSAPublicKey
private static string PUB_KEY = "30818902818100C4A06B7B52F8D17DC1CCB47362" +
"C64AB799AAE19E245A7559E9CEEC7D8AA4DF07CB0B21FDFD763C63A313A668FE9D764E" +
"D913C51A676788DB62AF624F422C2F112C1316922AA5D37823CD9F43D1FC54513D14B2" +
"9E36991F08A042C42EAAEEE5FE8E2CB10167174A359CEBF6FACC2C9CA933AD403137EE" +
"2C3F4CBED9460129C72B0203010001";
protected override bool ValidateCertificate(byte[] certificateData)
{
X509Certificate2 certificate = new X509Certificate2(certificateData);
string pk = certificate.GetPublicKeyString();
if (pk.Equals(PUB_KEY))
return true;
// Bad dog
return false;
}
}
并将其添加到您的请求中
And add it to your request
using(var www = UnityWebRequest.Get("https://example.com"))
{
//www.certificateHandler = new BypassCertificate();
// Or
www.certificateHandler = new AcceptAllCertificatesSignedWithASpecificPublicKey();
yield return www.SendWebRequest();
//...
}
注意:当前仅对以下平台(Android,iOS,tvOS和桌面平台)实施自定义证书验证.
Note: Custom certificate validation is currently only implemented for the following platforms - Android, iOS, tvOS and desktop platforms.
所以在Android上应该没问题.
So on Android you should be fine.
CertificateHandler默认为自动处置以及UnityWebRequest,所以没有其他事情要做了.
The CertificateHandler is by default automatically disposed together with the UnityWebRequest so there is no more to do.
这篇关于UnityWebRequest更改为https的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
