Original address: http://blog.5ibc.net/p/100221.html
As we all know, Apple has made a statement, starting from 2017, will block HTTP resources, strong push HTTPS
Landlord just recently will be http to HTTPS, to have not hands-on friends to share one or two
First, certificate preparation 1, certificate conversion
After the server personnel, send you the CRT certificate, go to the certificate path, execute the following statement
OpenSSL x509-in your certificate. Crt-out your certificate. Cer-outform der
This allows you to obtain a certificate of the CER type. Double-click to import the computer.
2, the certificate into the project
1. You can drag the converted CER file directly into the project.
2, you can find the certificate you imported in the keychain, right-click, export the project, you can export the certificate of the. cer file
Second, the Code preparation
<key>NSAppTransportSecurity</key> <dict> <key>nsallowsarbitraryloads</key > <true/> </dict>
1.1 Nsurlconnection Settings Support HTTPS.
In 2015 iOS9 update, Nsurlconnection was discarded by nsurlsession replaced, so it is not recommended to continue to use this class to do network requests (also have afnetworking 2.x version), but considering some of the old program, Also can not say change, say replace on replace, so still need to popularize, if use nsurlconnection you need how to do.
The code is as follows:
-(void) connection: (Nsurlconnection *) connection Willsendrequestforauthenticationchallenge: ( Nsurlauthenticationchallenge *) challenge{ if (Challenge.protectionSpace.authenticationMethod = = Nsurlauthenticationmethodservertrust) { //Tell server, client Trust certificate //Create credential object nsurlcredential *credntial = [ Nsurlcredential CredentialForTrust:challenge.protectionSpace.serverTrust]; Tell the server to trust the certificate [Challenge.sender usecredential:credntial forauthenticationchallenge:challenge];}
You simply need to add the proxy method above, you can increase the support of HTTPS request without affecting your original request.
1.2 Nsurlsession settings Support HTTPS.
It is now recommended to use Nsurlsession to handle related network requests, if you use the system comes with the class, you can refer to the following code:
-(void) Urlsession: (Nsurlsession *) session Task: (Nsurlsessiontask *) Task Didreceivechallenge: ( Nsurlauthenticationchallenge *) Challenge Completionhandler: (void (^) (nsurlsessionauthchallengedisposition Disposition, nsurlcredential * __nullable credential)) Completionhandler { //Determine if the server certificate is trusted if ( Challenge.protectionSpace.authenticationMethod = = nsurlauthenticationmethodservertrust) { //Tell server, client trust certificate //Create credential Object Nsurlcredential *credntial = [nsurlcredential credentialForTrust:challenge.protectionSpace.serverTrust]; Tell the server to trust the certificate Completionhandler (nsurlsessionauthchallengeusecredential,credntial) via Completionhandler; } NSLog (@ "protectionspace =%@", challenge.protectionspace);}
2. Send a network request using afnetworking
Afnetworking is a favorite Web library for iOS and Mac OS X. It is built on Nsurlconnection, Nsoperation, and other familiar foundation technologies. It has a good architecture, a rich API, and a modular way of building it, making it easy to use.
2.1 Afnetworking 2.x version
With this release in mind, we can also use the Afhttprequestoperationmanager class to handle network requests. So what we're going to do is give this class, set some parameters so that it can support HTTPS requests, the code is as follows:
Support HTTPS (school verification book, not to grab package):
1. Initialize a singleton class afhttprequestoperationmanager *mgr = [Afhttprequestoperationmanager manager]; Mgr.securityPolicy.SSLPinningMode = afsslpinningmodecertificate; 2. Set the certificate mode NSString * Cerpath = [[NSBundle mainbundle] pathforresource:@ "xxx" oftype:@ "cer"]; NSData * Cerdata = [NSData Datawithcontentsoffile:cerpath]; Mgr.securityPolicy.pinnedCertificates = [[Nsarray alloc] initwithobjects:cerdata, nil]; Whether the client trusts the illegal certificate mgr.securityPolicy.allowInvalidCertificates = YES; Verify the domain name in the certificate domain field [mgr.securitypolicy Setvalidatesdomainname:no];
Support HTTPS (no school verification book, can grab the package view):
1. Initialize a singleton class afhttprequestoperationmanager *mgr = [Afhttprequestoperationmanager manager]; Mgr.securityPolicy.SSLPinningMode = afsslpinningmodecertificate; 2. Set the non-school Certificate mode mgr.securitypolicy = [Afsecuritypolicy policywithpinningmode:afsslpinningmodenone]; Mgr.securityPolicy.allowInvalidCertificates = YES; [Mgr.securitypolicy Setvalidatesdomainname:no];
2.2 Afnetworking 3.x version
After Xcode7.0, Apple abandoned the Nsurlconnection method, the data request uses the Nsurlsession, as the network request class third-party library uses the biggest AFN also promptly updates the new version--afn 3.0 version. The new version discards the Afhttprequestoperationmanager based on the nsurlconnection package, and instead uses the Afhttpsessionmanager based on the nsurlsession package.
Support HTTPS (school verification book, not to grab package):
1. Initialize afhttpsessionmanager *manager = [Afhttpsessionmanager manager]; Manager.securityPolicy.SSLPinningMode = afsslpinningmodecertificate; 2. Set the certificate mode NSString * Cerpath = [[NSBundle mainbundle] pathforresource:@ "xxx" oftype:@ "cer"]; NSData * Cerdata = [NSData Datawithcontentsoffile:cerpath]; Manager.securitypolicy = [Afsecuritypolicy policywithpinningmode:afsslpinningmodecertificate Withpinnedcertificates:[[nsset Alloc] initwithobjects:cerdata, nil]]; Whether the client trusts the illegal certificate mgr.securityPolicy.allowInvalidCertificates = YES; Verify the domain name in the certificate domain field [mgr.securitypolicy Setvalidatesdomainname:no];
Support HTTPS (no school verification book, can grab the package view):
1. Initialize afhttpsessionmanager *manager = [Afhttpsessionmanager manager]; 2. Set the non-school Certificate mode manager.securitypolicy = [Afsecuritypolicy policywithpinningmode:afsslpinningmodenone]; Manager.securityPolicy.allowInvalidCertificates = YES; [Manager.securitypolicy Setvalidatesdomainname:no];
The configuration is complete here, I hope to help you.
iOS development supports HTTPS requests and SSL certificate configuration (RPM)