UnityWebRequest 更改为 https [英] UnityWebRequest change to https

问题描述

我在 http 下有统一的 android 应用程序和站点 api 的工作基础设施.

最近换了服务器，申请了ssl证书.现在我的 api 在 https 下.

在统一应用程序中，我使用 UnityWebRequest 与我的 api 进行通信.切换到 https 后的逻辑变化是将应用程序内的所有 api 地址从 http 更改为 https.我这样做了，但是我的 api 表现得很奇怪.(一直将我自己的错误状态作为响应，而在没有证书的旧服务器上给出良好的响应.)

在切换到 https 时我需要更改什么吗?

解决方案

通常 Unity 会自动处理证书并根据已知的根证书对其进行验证或根据平台完全忽略它们:

<块引用>

UnityWebRequest.certificateHandler:
将此属性设置为 null 会使平台使用默认证书验证.某些平台将根据根证书颁发机构存储验证证书.其他平台将完全绕过证书验证.

但是，如果 Unity 决定首先使用自签名证书，则会失败.

---

因此，对于带有自签名证书的 https，您可能需要实现一个 CertificateHandler 实现方法 ValidateCertificate.

您可以简单地通过接受它们全部来绕过证书(这更容易，但当然会使https变得毫无意义)

public class BypassCertificate : CertificateHandler{protected override bool ValidateCertificate(byte[] certificateData){//无论如何都简单地返回true返回真；}}

或者用你的公钥试试文档中的这个例子

//基于 https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning#.Net类 AcceptAllCertificatesSignedWithASpecificPublicKey : CertificateHandler{//编码的 RSAPublicKey私有静态字符串PUB_KEY =30818902818100C4A06B7B52F8D17DC1CCB47362"+《C64AB799AAE19E245A7559E9CEEC7D8AA4DF07CB0B21FDFD763C63A313A668FE9D764E》+《D913C51A676788DB62AF624F422C2F112C1316922AA5D37823CD9F43D1FC54513D14B2》+"9E36991F08A042C42EAAEEE5FE8E2CB10167174A359CEBF6FACC2C9CA933AD403137EE"+《2C3F4CBED9460129C72B0203010001》；protected override bool ValidateCertificate(byte[] certificateData){X509Certificate2 证书 = 新 X509Certificate2(certificateData);string pk = certificate.GetPublicKeyString();返回 pk.Equals(PUB_KEY));}}

并将其添加到您的请求中

using(var www = UnityWebRequest.Get("https://example.com")){//www.certificateHandler = new BypassCertificate();//或者www.certificateHandler = new AcceptAllCertificatesSignedWithASpecificPublicKey();收益率返回 www.SendWebRequest();//...}

<块引用>

注意:自定义证书验证目前仅适用于以下平台 - Android、iOS、tvOS 和桌面平台.

所以在 Android 上你应该没问题.

CertificateHandler 默认自动处​​理 与 UnityWebRequest 一起使用，因此无需再做.

I had working infrastructure of unity android app and site api working under http.

Recently I have switched the server and applied ssl certificate. Now my api is under https.

In unity app I'm using UnityWebRequest to communicate with my api. The logical change after switching to https will be changing all api addressees within the app from http to https. I did this, but my api is behaving weirdly. (Giving my own error status as a response all the time, whereas giving good response on old server without certificate.)

Is there anything extra I need to change with the switch to https?

解决方案

Usually Unity would handle the certificate automatically and validate it against known root certificates or ignore them completely depending on the platform:

UnityWebRequest.certificateHandler:
Setting this property to null makes the platform use the default certificate validation. Some platforms will validate certificates against a root certificate authority store. Other platforms will simply bypass certificate validation completely.

Using a self-signed certificate, however, will fail if Unity decides for the first.

---

So, for https with a self-signed certificate you might have to implement a CertificateHandler that implements the method ValidateCertificate.

You could either simply bypass the certificate by accepting them all (which is easier but ofcourse would make the https kind of pointless)

public class BypassCertificate : CertificateHandler
{
    protected override bool ValidateCertificate(byte[] certificateData)
    {
        //Simply return true no matter what
        return true;
    }
} 

Or try this example from the docs with your public key

// Based on https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning#.Net
class AcceptAllCertificatesSignedWithASpecificPublicKey : CertificateHandler
{
    // Encoded RSAPublicKey
    private static string PUB_KEY = "30818902818100C4A06B7B52F8D17DC1CCB47362" +
        "C64AB799AAE19E245A7559E9CEEC7D8AA4DF07CB0B21FDFD763C63A313A668FE9D764E" +
        "D913C51A676788DB62AF624F422C2F112C1316922AA5D37823CD9F43D1FC54513D14B2" +
        "9E36991F08A042C42EAAEEE5FE8E2CB10167174A359CEBF6FACC2C9CA933AD403137EE" +
        "2C3F4CBED9460129C72B0203010001";

    protected override bool ValidateCertificate(byte[] certificateData)
    {
        X509Certificate2 certificate = new X509Certificate2(certificateData);

        string pk = certificate.GetPublicKeyString();

        return pk.Equals(PUB_KEY));
    }
}

And add it to your request

using(var www = UnityWebRequest.Get("https://example.com"))
{
    //www.certificateHandler = new BypassCertificate();
    // Or
    www.certificateHandler = new AcceptAllCertificatesSignedWithASpecificPublicKey();

    yield return www.SendWebRequest();
    
    //...
}

Note: Custom certificate validation is currently only implemented for the following platforms - Android, iOS, tvOS and desktop platforms.

So on Android you should be fine.

The CertificateHandler is by default automatically disposed together with the UnityWebRequest so there is no more to do.

这篇关于UnityWebRequest 更改为 https的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！