我對Objective C和HTTP非常陌生。請在這個問題上給我建議。如何使用ASIHTTPRequest包含客戶端證書?
我需要我的iPhone應用程序通過HTTP與我的服務器進行通信。我創建了自簽名證書,當通過瀏覽器訪問URL時,雖然會顯示警告消息,表明服務器不可信。沒關係。
從我的iPhone App發送HTTP請求。通過HTTPS我正在使用ASIHTTPRequest。但是我收到一條錯誤消息:「發生連接失敗:SSL問題(可能的原因可能包括壞/過期/自簽名證書,時鐘設置爲錯誤日期)」。
我瀏覽周圍和#2學會做它的方式如下:
- 我從瀏覽器下載證書,並將其納入到我的Xcode項目。
負載證書NSData的
的NSString * fullFileName = @ 「myCertificate.cer」; NSString * fileName = [[fullFileName lastPathComponent] stringByDeletingPathExtension]; NSString * extension = [fullFileName pathExtension]; NSData * PKCS12Data = [NSData dataWithContentsOfFile:[[NSBundle mainBundle] pathForResource:fileName ofType:extension]];
Exctract身份
[自extractIdentity:&身份andTrust:&信任fromPKCS12Data:PKCS12Data密碼:@ 「myCertificatePasswordHere」];
發送HTTP請求通過HTTPS
ASIHTTPRequest *請求= [ASIHTTPRequest requestWithURL:myHTTPsURLHere]; [請求setClientCertificateIdentity:identity]; [request startSynchronous];這裏
由於很多人建議我還修改ASIHTTPRequest.m並列入
[sslProperties的setObject:(的NSString *)kCFBooleanTrue forKey:(的NSString *)kCFStreamSSLAllowsExpiredCertificates]。 [sslProperties setObject:(NSString *)kCFBooleanTrue forKey:(NSString *)kCFStreamSSLAllowsExpiredRoots]; 。
成IF語句
if (![self validatesSecureCertificate]) {
NSDictionary *sslProperties = [[NSDictionary alloc] initWithObjectsAndKeys:
[NSNumber numberWithBool:YES], kCFStreamSSLAllowsExpiredCertificates,
[NSNumber numberWithBool:YES], kCFStreamSSLAllowsAnyRoot,
[NSNumber numberWithBool:NO], kCFStreamSSLValidatesCertificateChain,
kCFNull,kCFStreamSSLPeerName,
@"kCFStreamSocketSecurityLevelTLSv1_0SSLv3", kCFStreamSSLLevel,
nil];
CFReadStreamSetProperty((CFReadStreamRef)[self readStream],
kCFStreamPropertySSLSettings,
(CFTypeRef)sslProperties);
[sslProperties release];
}else {
NSMutableDictionary *sslProperties = [[NSMutableDictionary alloc] initWithObjectsAndKeys:
[NSNumber numberWithBool:NO], kCFStreamSSLAllowsExpiredCertificates,
[NSNumber numberWithBool:NO], kCFStreamSSLAllowsAnyRoot,
[NSNumber numberWithBool:YES], kCFStreamSSLValidatesCertificateChain,
@"kCFStreamSocketSecurityLevelTLSv1_0SSLv3", kCFStreamSSLLevel,
nil];
CFReadStreamSetProperty((CFReadStreamRef)[self readStream],
kCFStreamPropertySSLSettings,
(CFTypeRef)sslProperties);
[sslProperties setObject:(NSString *)kCFBooleanTrue forKey:(NSString *)kCFStreamSSLAllowsExpiredCertificates]; // Sergey added this line
[sslProperties setObject:(NSString *)kCFBooleanTrue forKey:(NSString *)kCFStreamSSLAllowsExpiredRoots]; // Sergey added this line
[sslProperties release];
}
但它並不能幫助:(我仍然得到一個錯誤信息:
Domain=ASIHTTPRequestErrorDomain Code=1 "A connection failure occurred: SSL problem (Possible causes may include a bad/expired/self-signed certificate, clock set to wrong date)"
請告訴我如何使ASIHTTPRequest通過HTTPS,這樣客戶端證書通過我的服務器驗證?我不想使用私人API ...
非常感謝!
ASIHTTPRequest for iOS 5.0.1版存在SSL驗證錯誤。它已被固定在這裏https://github.com/ignaval/asi-http-request/commit/c782abbeb204156d30ecbb902915d1eaf9b10f9e(感謝ignaval) – 2012-06-04 00:22:20
開發人員不再支持ASIHTTPRequest,不應使用ASIHTTPRequest。如果您想使用第三方框架,請使用[AFNetworking](https://github.com/AFNetworking/AFNetworking)。 – nickfox