此服务器的证书无效

I know that if I use following nsurlconnectiondelegate it will be fixed

我知道如果我使用以下nsurlconnectiondelegate它将被修复

– connection:willSendRequestForAuthenticationChallenge: – connection:canAuthenticateAgainstProtectionSpace

- 连接:willSendRequestForAuthenticationChallenge: - 连接:canAuthenticateAgainstProtectionSpace

But I am trying to use

但我正在尝试使用

sendAsynchronousRequest:queue:completionHandler:

So you don't get the callback. I looked into apple docs it say following

所以你没有得到回调。我调查了它所说的苹果文档

If authentication is required in order to download the request, the required credentials must be specified as part of the URL. If authentication fails, or credentials are missing, the connection will attempt to continue without credentials.

如果需要进行身份验证才能下载请求,则必须将所需凭据指定为URL的一部分。如果身份验证失败或缺少凭据,则连接将尝试在没有凭据的情况下继续。

I could not figure out how to do that. When I looked up all I got is this private call

我无法弄清楚如何做到这一点。当我抬起头时,我得到的是这个私人电话

+(void)setAllowsAnyHTTPSCertificate:(BOOL)inAllow forHost:(NSString *)inHost;

+(void)setAllowsAnyHTTPSCertificate:(BOOL)inAllow forHost:(NSString *)inHost;

Any idea how to do this?

知道怎么做吗?

Following is the error I get

以下是我得到的错误

The certificate for this server is invalid. You might be connecting to a server that is pretending to be “example.com=0x8b34da0 {NSErrorFailingURLStringKey=https://example.com/test/, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSErrorFailingURLKey=https://example.com/test/, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “example.com” which could put your confidential information at risk., NSUnderlyingError=0xa26c1c0 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “example.com” which could put your confidential information at risk.", NSURLErrorFailingURLPeerTrustErrorKey=

此服务器的证书无效。您可能正在连接到假装为“example.com = 0x8b34da0 {NSErrorFailingURLStringKey = https://example.com/test/,NSLocalizedRecoverySuggestion =您想要连接到服务器的服务器吗?”,NSErrorFailingURLKey = https:/ /example.com/test/,NSLocalizedDescription =此服务器的证书无效。您可能正在连接到假装为“example.com”的服务器,这可能会使您的机密信息面临风险。,NSUnderlyingError = 0xa26c1c0“此服务器的证书无效。您可能正在连接到假装的服务器是“example.com”,可能会使您的机密信息面临风险。“,NSURLErrorFailingURLPeerTrustErrorKey =

7 个解决方案

#1

you can't fix it with the way you are trying

你不能用你尝试的方式修复它

either drop to CFNetworking to allow bad certs

要么退到CFNetworking以允许不良证书

use NSConnection with a delegate and an undoc'd method

将NSConnection与委托和undoc'd方法一起使用

use the private API you found

使用您找到的私有API

all not good. CFNetwork would have to be OK for apple for now but the other 2 methods aren't even appstore-safe

一切都不好。 CFNetwork现在必须适用于苹果,但其他两种方法甚至不是appstore安全的

Better get the server fixed. Thats the easiest and CLEANEST

更好地修复服务器。这是最简单,最干净的

#2

The webserver which you are using is asking for Server Trust Authentication, you need to properly respond with the appropriate action. You need to implement connection:willSendRequestForAuthenticationChallenge: delegate method and use SecTrustRef to authenticate it.

您正在使用的Web服务器要求服务器信任身份验证,您需要使用适当的操作正确响应。您需要实现连接:willSendRequestForAuthenticationChallenge:委托方法并使用SecTrustRef对其进行身份验证。

More information can be found here:- https://developer.apple.com/library/ios/technotes/tn2232/_index.html

更多信息可以在这里找到: - https://developer.apple.com/library/ios/technotes/tn2232/_index.html

This was my code to fix error:

这是我修复错误的代码:

- (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
    NSURLProtectionSpace *protectionSpace = [challenge protectionSpace];

    id<NSURLAuthenticationChallengeSender> sender = [challenge sender];

    if ([[protectionSpace authenticationMethod] isEqualToString:NSURLAuthenticationMethodServerTrust])
    {
        SecTrustRef trust = [[challenge protectionSpace] serverTrust];

        NSURLCredential *credential = [[NSURLCredential alloc] initWithTrust:trust];

            [sender useCredential:credential forAuthenticationChallenge:challenge];
    }
    else
    {
        [sender performDefaultHandlingForAuthenticationChallenge:challenge];
    }
}

#3

If you are using AFNetworking, you can use this code:

如果您使用的是AFNetworking,则可以使用以下代码:

(Just as a temp client-side solution!)

(就像临时客户端解决方案!)

AFHTTPSessionManager * apiManager = [AFHTTPSessionManager initWithBaseURL:[NSURL URLWithString:baseURL];
AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeNone];
policy.allowInvalidCertificates = YES;
apiManager.securityPolicy = policy;

#4

This issue cannot be fixed with the way you are trying with blocks. you need to set delegates and implement the authentication challenge delegates to bypass the certificate validation. Best solution is to either create a right certificate (make sure it is not self-signed) or change the protocol to HTTP if you are fine with it.

您尝试使用块的方式无法解决此问题。您需要设置委托并实现身份验证质询代理以绕过证书验证。最好的解决方案是创建一个正确的证书(确保它不是自签名的)或者如果你对它好的话将协议更改为HTTP。

#5

That is a certificate error. you need to change your settings so that your program/os ignores the certificate, or add the url/certificate to a trusted list.

这是证书错误。您需要更改设置,以便您的程序/ os忽略证书,或将URL /证书添加到可信列表。

Sorry that is authentication, certificate is authentication. I took a look, and I found this article.

抱歉,这是身份验证,证书是身份验证。我看了看,发现了这篇文章。

Not sure if it will resolve your issue, but it basically states, that they don't cover the case of connecting to a site with how a certificate in the documentation.

不确定它是否能解决您的问题,但它基本上表明,它们不包括使用文档中的证书如何连接到站点的情况。

http://www.cocoanetics.com/2009/11/ignoring-certificate-errors-on-nsurlrequest/

#6

Please check the following link.

请检查以下链接。

https://discussions.apple.com/thread/4912924?start=0&tstart=0

#7

In my case, this error occurred due to my firewall blocked the required url. it's worked fine after removing firewall restrictions

在我的情况下,由于我的防火墙阻止了所需的URL,因此发生此错误。删除防火墙限制后,它工作正常

#1