NSURLConnection实现HTTPS(SSL)链接请求
2014-04-24 14:08
411 查看
最近检测APP应用的网络请求,发现HTTP方式的接口,请求的数据比较容易让不道德的人截取并加以利用。所以建议接口请求数据的方式还是使用HTTPS(SSL),相对的安全些。
在iOS中,使用NSURLConnection来请求HTTPS,就需要处理SSL认证,NSURLConnectionDelegate中定义了处理认证的方法:
接收任何证书
使用私有证书验证
在iOS中,使用NSURLConnection来请求HTTPS,就需要处理SSL认证,NSURLConnectionDelegate中定义了处理认证的方法:
1 2 3 | – connection:canAuthenticateAgainstProtectionSpace: – connection:didReceiveAuthenticationChallenge: - connection:didCancelAuthenticationChallenge: |
NSURLConnection中处理SSL
1 2 3 | - (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace{ return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]; } |
1 2 3 | - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge{ [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge]; } |
1 2 34 | - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { static CFArrayRef certs; if (!certs) { NSData *certData =[NSData dataWithContentsOfFile:[[NSBundle mainBundle] pathForResource:@"srca" ofType:@"cer"]]; SecCertificateRef rootcert =SecCertificateCreateWithData(kCFAllocatorDefault,CFBridgingRetain(certData)); const void *array[1] = { rootcert }; certs = CFArrayCreate(NULL, array, 1, &kCFTypeArrayCallBacks); CFRelease(rootcert); // for completeness, really does not matter } SecTrustRef trust = [[challenge protectionSpace] serverTrust]; int err; SecTrustResultType trustResult = 0; err = SecTrustSetAnchorCertificates(trust, certs); if (err == noErr) { err = SecTrustEvaluate(trust,&trustResult); } CFRelease(trust); BOOL trusted = (err == noErr) && ((trustResult == kSecTrustResultProceed)||(trustResult == kSecTrustResultConfirm) || (trustResult == kSecTrustResultUnspecified)); if (trusted) { [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge]; }else{ [challenge.sender cancelAuthenticationChallenge:challenge]; } } |
AFNetWorking框架中处理SSL
使用AFURLConnectionOperation类的两个方法,将上面的代码以block方式传入即可。1 2 | – setAuthenticationAgainstProtectionSpaceBlock: – setAuthenticationChallengeBlock: |
相关文章推荐
- 使用Volley实现Https请求, Volley SSL 双向自认证证书请求。
- eclipse中使用Jetty插件实现https请求与SSL双向验证
- Nginx+Tomcat SSL配置指南|Nginx+Tomcat实现https安全链接
- 利用struts2-ssl-plugin实现https安全链接
- 利用struts2-ssl-plugin实现https安全链接
- HttpsURLConnection实现SSL的GET/POST请求
- java实现https ssl请求url
- 模拟http或https请求,实现ssl下的bugzilla登录、新增BUG,保持会话以及处理token
- java实现https ssl请求url
- HttpsURLConnection实现SSL的GET/POST请求
- Httpclient 实现https请求,绕过SSL 方法
- iOS使用自签名证书实现HTTPS请求
- C#、VB.NET使用HttpWebRequest访问https地址(SSL)的实现
- nginx反向代理tomcat的ssl(https)实现
- php之curl实现http与https请求的方法
- Android webview在https下实现ssl的双向认证
- Ubuntu Nginx下配置网站ssl实现https访问
- HttpClient之配置ssl,采用设置信任自签名证书实现https
- https 请求被中止: 未能创建 SSL/TLS 安全通道
- Spring Boot Https SSL 实现