Https iOS自签名证书 [英] Https iOS with self signed certificate
问题描述
我有一个拥有自签名证书的服务器。我想使用https表单将设备连接到服务器。
我听说我必须接受连接。但我不知道如何。
我有一个自签名证书,因为它是一个测试服务器。但我想使用https表单访问它?
当我尝试使用https访问时出现错误:
I have a server with a self signed certificate . I want to connect my device with the server with https form . I hear that I must just accept the connexion . But I don t know how . I have a self signed certificate because it is a test server. But I want to access it with https form? When I try to access with https I have an error :
SURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)
然后它是一个自签名证书。
Then it is a self signed certificate .
有人可以帮助我吗?
推荐答案
默认情况下,Cocoa在证书无效时拒绝所有SSL连接。
By default, Cocoa refuses all SSL connections when the certificate is invalid.
但是,您可以强制他们接受无效的证书。该方法取决于您使用的库/框架。例如:
However, you can force them to accept also invalid certificates. The method depends on which library/framework you are using. For example:
- 对于NSURLConnection,请检查此
- 对于ASIHTTPRequest,您需要将属性
validatesSecureCertificate
设置为NO。 - 对于AFNetworking,您可以检查要在此页面中使用的代码
- 对于CFNetwork,低级Foundation框架,请检查此示例代码。
- 对于看起来像您正在使用的SURLConnection,您需要遵循NSURLConnection的相同说明。事实上,SURLConnection只是NSURLConnection的子类。
- For NSURLConnection, check this answer.
- For ASIHTTPRequest, you need to set the property
validatesSecureCertificate
to NO. - For AFNetworking, you can check the code to use in this page
- For CFNetwork, the low-level Foundation framework, check this sample code.
- For SURLConnection, which looks like you're using, you need to follow the same instructions for NSURLConnection. Indeed, SURLConnection is just a subclass of NSURLConnection.
重要注意事项:
上面的代码,接受任何类型的SSL证书,即使无效,都是一个严重的安全风险。基本上,它使整个SSL无用。因此,如果您确实需要使用SSL连接进行测试,那么您应该只在开发过程中使用该代码 。
请注意,Apple会拒绝任何提交给接受无效SSL证书的App Store。
Important note:
The code above, to accept any kind of SSL certificate, even if invalid, is a serious security risk. Basically, it makes the whole SSL useless. As a consequence, you should use that code only during development, if you really need to test with SSL connections.
Please also note that Apple will reject any application submitted to the App Store that accepts invalid SSL certificates.
这篇关于Https iOS自签名证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!