如何在iOS上使用CFSockets時手動驗證TLS證書？

Question

我使用CFStreamCreatePairWithSocketToHost創建與服務器的連接。此服務器正在使用自簽名證書，我必須對其進行驗證。 我一直在試圖找到任何方式來檢索服務器證書，但我迷路了，找不到任何方法/類，這將允許我檢索它。

我將是指出我怎樣才能得到它在這樣的代碼感謝：

CFReadStreamRef readStream; 
CFWriteStreamRef writeStream; 
CFStreamCreatePairWithSocketToHost(kCFAllocatorDefault, (__bridge CFStringRef) address, (UInt32) port, &readStream, &writeStream); 

NSInputStream *inputStream = (__bridge_transfer NSInputStream *) readStream; 
NSOutputStream *outputStream = (__bridge_transfer NSOutputStream *) writeStream; 
[inputStream setDelegate:self]; 
[outputStream setDelegate:self]; 
[inputStream scheduleInRunLoop:[NSRunLoop currentRunLoop] forMode:NSDefaultRunLoopMode]; 
[outputStream scheduleInRunLoop:[NSRunLoop currentRunLoop] forMode:NSDefaultRunLoopMode]; 

NSDictionary *settings = @{(NSString *) kCFStreamSSLValidatesCertificateChain: @NO}; 

CFReadStreamSetProperty((__bridge CFReadStreamRef) inputStream, kCFStreamPropertySSLSettings, (__bridge CFTypeRef) settings); 

[inputStream open]; 
[outputStream open]; 

Answer 1

在谷歌上搜索的另一個會議上，我終於偶然發現了一些罕見的蘋果文檔其中描述的一個顯然是一個過程： https://developer.apple.com/library/content/technotes/tn2232/_index.html#//apple_ref/doc/uid/DTS40012884-CH1-SECCFSOCKETSTREAM

，這裏是由蘋果提供的示例代碼： https://developer.apple.com/library/content/documentation/NetworkingInternet/Conceptual/NetworkingTopics/Articles/OverridingSSLChainValidationCorrectly.html