如何在iOS应用程序中启用TLS 1.2,1.1,1.0和SSL? [英] How to Enable TLS 1.2, 1.1,1.0, and SSL in iOS app?
问题描述
我的问题与Apple Transport Security(ATS)有关,我太困惑了。
My question is related to Apple Transport Security (ATS) and I am too much confused.
我想支持所有协议(所有版本的TLS和SSL) )在我的快速应用程序中。如果我将NSAllowsArbitraryLoads更改为false,默认情况下app是否适用于所有协议?或者我是否必须在配置中指定域并添加NSExceptionMinimumTLSVersion?
I want to support all the protocols (all version of TLS and SSL) in my swift app. If I change NSAllowsArbitraryLoads to false, will app work on all protocols by default? Or do I have to specify domain in configuration and add NSExceptionMinimumTLSVersion?
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<false/>
<key>NSExceptionDomains</key>
<dict>
<key>your.servers.domain.here</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.0</string>
</dict>
</dict>
我该怎么检查我的应用程序正在与服务器通信什么协议?
And how can I check my app is communicating with server on what protocol?
推荐答案
简而言之,您需要指定NSExceptionMinimumTLSVersion以支持TLS1.0及更高版本; 1.2+是默认值。
In short, you need to specify NSExceptionMinimumTLSVersion to support TLS1.0 and up; 1.2+ is the default.
为什么要尝试支持较旧的,安全性较低的协议?
Why are you trying to support older, less secure protocols anyway?
I不知道如何检查正在使用的协议,但是如果您可以将服务器配置为仅使用TLS 1.0,那么您的应用只会连接到TLSv1.0密钥;这很容易测试。
I don't know how you could check which protocol is being used, but if you can configure a server to only work with, say, TLS 1.0, then your app will only connect with the TLSv1.0 key in place; and that's easy to test.
这篇关于如何在iOS应用程序中启用TLS 1.2,1.1,1.0和SSL?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!