NSURLConnection实现HTTPS(SSL)链接请求
2014-04-24 14:08
411 查看
最近检测APP应用的网络请求,发现HTTP方式的接口,请求的数据比较容易让不道德的人截取并加以利用。所以建议接口请求数据的方式还是使用HTTPS(SSL),相对的安全些。
在iOS中,使用NSURLConnection来请求HTTPS,就需要处理SSL认证,NSURLConnectionDelegate中定义了处理认证的方法:
接收任何证书
使用私有证书验证
在iOS中,使用NSURLConnection来请求HTTPS,就需要处理SSL认证,NSURLConnectionDelegate中定义了处理认证的方法:
1 2 3 | – connection:canAuthenticateAgainstProtectionSpace: – connection:didReceiveAuthenticationChallenge: - connection:didCancelAuthenticationChallenge: |
NSURLConnection中处理SSL
1 2 3 | - (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace{
return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
} |
1 2 3 | - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge{
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
} |
1 2 34 | - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
static CFArrayRef certs;
if (!certs) {
NSData *certData =[NSData dataWithContentsOfFile:[[NSBundle mainBundle] pathForResource:@"srca" ofType:@"cer"]];
SecCertificateRef rootcert =SecCertificateCreateWithData(kCFAllocatorDefault,CFBridgingRetain(certData));
const void *array[1] = { rootcert };
certs = CFArrayCreate(NULL, array, 1, &kCFTypeArrayCallBacks);
CFRelease(rootcert); // for completeness, really does not matter
}
SecTrustRef trust = [[challenge protectionSpace] serverTrust];
int err;
SecTrustResultType trustResult = 0;
err = SecTrustSetAnchorCertificates(trust, certs);
if (err == noErr) {
err = SecTrustEvaluate(trust,&trustResult);
}
CFRelease(trust);
BOOL trusted = (err == noErr) && ((trustResult == kSecTrustResultProceed)||(trustResult == kSecTrustResultConfirm) || (trustResult == kSecTrustResultUnspecified));
if (trusted) {
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
}else{
[challenge.sender cancelAuthenticationChallenge:challenge];
}
} |
AFNetWorking框架中处理SSL
使用AFURLConnectionOperation类的两个方法,将上面的代码以block方式传入即可。1 2 | – setAuthenticationAgainstProtectionSpaceBlock: – setAuthenticationChallengeBlock: |
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 使用Volley实现Https请求, Volley SSL 双向自认证证书请求。
- eclipse中使用Jetty插件实现https请求与SSL双向验证
- Nginx+Tomcat SSL配置指南|Nginx+Tomcat实现https安全链接
- 利用struts2-ssl-plugin实现https安全链接
- 利用struts2-ssl-plugin实现https安全链接
- HttpsURLConnection实现SSL的GET/POST请求
- java实现https ssl请求url
- 模拟http或https请求,实现ssl下的bugzilla登录、新增BUG,保持会话以及处理token
- java实现https ssl请求url
- HttpsURLConnection实现SSL的GET/POST请求
- Httpclient 实现https请求,绕过SSL 方法
- iOS使用自签名证书实现HTTPS请求
- C#、VB.NET使用HttpWebRequest访问https地址(SSL)的实现
- nginx反向代理tomcat的ssl(https)实现
- php之curl实现http与https请求的方法
- Android webview在https下实现ssl的双向认证
- Ubuntu Nginx下配置网站ssl实现https访问
- HttpClient之配置ssl,采用设置信任自签名证书实现https
- https 请求被中止: 未能创建 SSL/TLS 安全通道
- Spring Boot Https SSL 实现