AFNetworking设置支持https访问

2/3/2017 - 7:59 AM

AFNetworking设置支持https访问

/**
 强制https访问验证本地证书
 */
- (void)setupSecurityPolicyWithLocalCertificates
{
    AFSecurityPolicy * securityPolicy = [AFSecurityPolicy defaultPolicy];
    NSArray * cerNameList = @[@"cer1", @"cer2", @"cer3"];
    NSMutableSet * cerSet = [NSMutableSet set];
    for (NSString * cerName in cerNameList) {
        NSString *cerPath = [[NSBundle mainBundle] pathForResource:cerName ofType:@"cer"];//证书的路径
        if (!cerPath) {
            NSLog(@"https证书：%@.cer 未找到！", cerName);
        }
        NSData *cerData = [NSData dataWithContentsOfFile:cerPath];
        [cerSet addObject:cerData];
    }
    
    /*
     1. AFSSLPinningModeCertificate 服务器端返回的证书和本地保存的证书中的所有内容，包括PublicKey和证书部分，全部进行校验；如果正确，才继续进行。
     2. AFSSLPinningModePublicKey 只验证PublicKey部分
     3. AFSSLPinningModeNone  客户端无条件地信任服务器端返回的证书。
     */
    securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate withPinnedCertificates:cerSet];
    
    //是否允许无效的证书访问
    securityPolicy.allowInvalidCertificates = NO;
    //是否验证域名
    securityPolicy.validatesDomainName = YES;
    
    AFHTTPSessionManager *manager = [AFHTTPSessionManager manager];
    manager.securityPolicy = securityPolicy;
    _manager = manager;
}


/**
 使用服务器下发的证书验证
 */
- (void) setupSecurityPolicy
{
    AFSecurityPolicy * securityPolicy = [AFSecurityPolicy defaultPolicy];
    securityPolicy.allowInvalidCertificates = NO;
    securityPolicy.validatesDomainName = YES;
    
    AFHTTPSessionManager * manager = [AFHTTPSessionManager manager];
    manager.securityPolicy = securityPolicy;
    _manager = manager;
}

Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

AFNetworking设置支持https访问