使用 Alamofire 的不受信任的证书。我已经尝试了所有我能找到的答案
Posted
技术标签:
【中文标题】使用 Alamofire 的不受信任的证书。我已经尝试了所有我能找到的答案【英文标题】:Untrusted Certificate with Alamofire. I've tried every answer I can find 【发布时间】:2017-10-31 07:05:09 【问题描述】:这是我的 info.plist
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>https://chargepoints.dft.gov.uk</key>
<dict>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
</dict>
</dict>
这就是我尝试在 alamofire 上设置会话管理器的方式
private static var Manager: Alamofire.SessionManager =
// Create the server trust policies
let serverTrustPolicies: [String: ServerTrustPolicy] = [
"https://chargepoints.dft.gov.uk": .disableEvaluation
]
// Create custom manager
let configuration = URLSessionConfiguration.default
configuration.httpAdditionalHeaders = Alamofire.SessionManager.defaultHTTPHeaders
let manager = Alamofire.SessionManager(
configuration: URLSessionConfiguration.default,
serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
)
return manager
()
这是我执行请求的代码
Downloader.Manager.request("https://chargepoints.dft.gov.uk/api/retrieve/registry/format/json").responseJSON response in
print("Request: \(String(describing: response.request))") // original url request
print("Response: \(String(describing: response.response))") // http url response
print("Result: \(String(describing: response.result))") // response serialization result
print("Error: \(String(describing: response.error))")
if let json = response.result.value
print("JSON: \(json)") // serialized json response
if let data = response.data, let utf8Text = String(data: data, encoding: .utf8)
print("Data: \(utf8Text)") // original server data as UTF8 string
哦,使用 ios 10.3
XCode 8.3.2
斯威夫特 3.0
【问题讨论】:
您是否尝试使用“chargepoints.dft.gov.uk”而不是“https://chargepoints.dft.gov.uk”作为服务器信任策略? 谢谢,是的,我试过没有效果 我已经按照这个线程 ***.com/questions/42843459/… 运行了 nscurl --ats-diagnostics chargepoints.dft.gov.uk/api/retrieve/registry/format/json 并且它在所有检查中都失败了,这似乎表明禁用 plist 中的所有选项有没有效果。我认为一个线索与此有关 【参考方案1】:试试这个
var afManager : SessionManager?
afManager!.delegate.sessionDidReceiveChallenge = session, challenge in
var disposition = URLSession.AuthChallengeDisposition.performDefaultHandling
var credential : URLCredential?
if(challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust)
disposition = URLSession.AuthChallengeDisposition.useCredential
credential = URLCredential(trust: challenge.protectionSpace.serverTrust!)
else
if(challenge.previousFailureCount > 0)
disposition = URLSession.AuthChallengeDisposition.cancelAuthenticationChallenge
else
credential = self.afManager!.session.configuration.urlCredentialStorage?.defaultCredential(for: challenge.protectionSpace)
if(credential != nil)
disposition = URLSession.AuthChallengeDisposition.useCredential
return (disposition, credential)
然后提出你的要求
afManager?.request("YOUR-URL-HERE", method: .get).responseJSON response in
switch response.result
case .success:
print(response.result.value)
break
case .failure(let error):
print(error)
【讨论】:
【参考方案2】:对于任何想知道的人,我解决了这个问题,但根据这个问题的 cmet 之一将 Https:// 更改为纯 Http
Transport security has blocked a cleartext HTTP
我用头撞墙了好几天,但终于得到了一些数据。
然后将域更改为 chargepoints.dft.gov.uk 省略 http: 或 https: 最终得到规则开始工作。
一切顺利 杰克
【讨论】:
以上是关于使用 Alamofire 的不受信任的证书。我已经尝试了所有我能找到的答案的主要内容,如果未能解决你的问题,请参考以下文章