1

我正在使用具有无效证书的服务器上的 Web 服务,但无论如何我都想获得响应。有办法吗??这是示例代码:

-(void)createHttpHeaderRequest:(serviceType)type {
    NSMutableURLRequest * theRequest;
    if (type==kServiceTypeTopAccessory) {

        NSString * test = @"{\"GetVehicleInventory\": {\"ApplicationArea\": some Json object here}}}}}";

        NSString * final = (__bridge NSString *) CFURLCreateStringByAddingPercentEscapes(kCFAllocatorDefault, (__bridge CFStringRef)test, NULL, CFSTR(":/?#[]@!$&'()*+,;=\""), kCFStringEncodingUTF8);
        NSString * sampleReq = [NSString stringWithFormat:@"https://myuntrutsedServer?XML_INPUT=%@",final];
       // NSString * final = [sampleReq stringByAddingPercentEscapesUsingEncoding:NSASCIIStringEncoding];

        NSLog(@"JSON:%@",sampleReq);


        theRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:sampleReq]];
    }
    NSLog(@"Request:%@",theRequest);
    self.theConnection = [[NSURLConnection alloc]initWithRequest:theRequest delegate:self];
    if (self.theConnection) {
        NSLog(@"Service hit");
    }
}

-(BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {
    return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {

    [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}

-(void)connection:(NSURLConnection *)connection didFailWithError:(NSError *)error {
    NSLog(@"Error%@",error);
}

- (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response{

    NSLog(@"Reached here");

}

我在 didFailWithError 方法中收到此错误: NSLocalizedDescription=此服务器的证书无效。您可能正在连接到伪装成“209.112.58.126”的服务器,这可能会使您的机密信息面临风险。,NSUnderlyingError=0x6877b40“此服务器的证书无效。您可能正在连接到伪装成的服务器是“209.112.58.126”,这可能会使您的机密信息面临风险。", NSURLErrorFailingURLPeerTrustErrorKey=}

谢谢,

4

2 回答 2

4

我通过这样做来修复它:

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
    [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
}

享受!!!

于 2012-07-26T17:46:12.783 回答
3

这是我从 Apple 的AdvancedURLConnections示例代码中提取的内容:

if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {

    // Verify certificate:
    SecTrustResultType trustResult;
    OSStatus status = SecTrustEvaluate(challenge.protectionSpace.serverTrust, &trustResult);
    BOOL trusted = (status == errSecSuccess) && ((trustResult == kSecTrustResultProceed) || (trustResult == kSecTrustResultUnspecified));

    if (trusted) {
        [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]
             forAuthenticationChallenge:challenge];
    } else {
        if (user_wants_to_trust_invalid_certificates) {
            [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]
                 forAuthenticationChallenge:challenge];
        } else {
            [challenge.sender cancelAuthenticationChallenge:challenge];
        }
    }
} else {
    [challenge.sender performDefaultHandlingForAuthenticationChallenge:challenge];
}

注意:正如 mbm30075 正确指出的那样,此代码进入

connection:didReceiveAuthenticationChallenge:

从 iOS 5 开始,您可以使用委托功能

connection:willSendRequestForAuthenticationChallenge:

反而。您必须将安全框架添加到您的项目中才能编译。

于 2012-07-26T16:26:12.930 回答