如何处理不受信任的服务URL?
我正在使用无效证书服务器上的Web服务,但我想要得到响应。 有没有办法做到这一点? 以下是示例代码:
-(void)createHttpHeaderRequest:(serviceType)type { NSMutableURLRequest * theRequest; if (type==kServiceTypeTopAccessory) { NSString * test = @"{\"GetVehicleInventory\": {\"ApplicationArea\": some Json object here}}}}}"; NSString * final = (__bridge NSString *) CFURLCreateStringByAddingPercentEscapes(kCFAllocatorDefault, (__bridge CFStringRef)test, NULL, CFSTR(":/?#[]@!$&'()*+,;=\""), kCFStringEncodingUTF8); NSString * sampleReq = [NSString stringWithFormat:@"https://myuntrutsedServer?XML_INPUT=%@",final]; // NSString * final = [sampleReq stringByAddingPercentEscapesUsingEncoding:NSASCIIStringEncoding]; NSLog(@"JSON:%@",sampleReq); theRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:sampleReq]]; } NSLog(@"Request:%@",theRequest); self.theConnection = [[NSURLConnection alloc]initWithRequest:theRequest delegate:self]; if (self.theConnection) { NSLog(@"Service hit"); } } -(BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace { return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]; } - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge]; } -(void)connection:(NSURLConnection *)connection didFailWithError:(NSError *)error { NSLog(@"Error%@",error); } - (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response{ NSLog(@"Reached here"); }
我得到这个错误在我的didFailWithError方法:NSLocalizedDescription =该服务器的证书是无效的。 您可能正在连接到假装为“209.112.58.126”的服务器,这可能会将您的机密信息置于危险之中,NSUnderlyingError = 0x6877b40“此服务器的证书无效。您可能正在连接到假装是“209.112.58.126”这可能会使您的机密信息处于危险之中。“,NSURLErrorFailingURLPeerTrustErrorKey =}
谢谢,
我通过这样做来修复它:
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge]; }
请享用!!!
这是我从Apple的AdvancedURLConnections示例代码中提取的:
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) { // Verify certificate: SecTrustResultType trustResult; OSStatus status = SecTrustEvaluate(challenge.protectionSpace.serverTrust, &trustResult); BOOL trusted = (status == errSecSuccess) && ((trustResult == kSecTrustResultProceed) || (trustResult == kSecTrustResultUnspecified)); if (trusted) { [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge]; } else { if (user_wants_to_trust_invalid_certificates) { [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge]; } else { [challenge.sender cancelAuthenticationChallenge:challenge]; } } } else { [challenge.sender performDefaultHandlingForAuthenticationChallenge:challenge]; }
注意:正如mbm30075正确指出的那样,代码进入
connection:didReceiveAuthenticationChallenge:
从iOS 5开始,您可以使用委托function
connection:willSendRequestForAuthenticationChallenge:
代替。 而且您必须将安全框架添加到您的项目中才能进行编译。