SDWebImage导入自签证书加载https图片
最近调试SDWebImage加载自签的https图片时怎么也无法绕过验证。
换个思路,将自签证书导入到SDWebimage使用的URLSession中。
具体方法如下:
【SDWebImage导入自签证书加载https图片】在SDWebimageDownloader.m
中添加URLSession代理方法
- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * _Nullable credential))completionHandler{
NSLog(@"证书认证");
if ([[[challenge protectionSpace] authenticationMethod] isEqualToString: NSURLAuthenticationMethodServerTrust]) {
do{
SecTrustRef serverTrust = [[challenge protectionSpace] serverTrust];
NSCAssert(serverTrust != nil, @"serverTrust is nil");
if(nil == serverTrust)break;
/* failed */
/**
*导入多张CA证书(Certification Authority,支持SSL证书以及自签名的CA),请替换掉你的证书名称
*/
NSString *cerPath = [[NSBundle mainBundle] pathForResource:@"证书名字_cerName" ofType:@"cer"];
//自签名证书
NSData* caCert = [NSData dataWithContentsOfFile:cerPath];
NSCAssert(caCert != nil, @"caCert is nil");
if(nil == caCert)break;
/* failed */
SecCertificateRef caRef = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)caCert);
NSCAssert(caRef != nil, @"caRef is nil");
if(nil == caRef)break;
/* failed */
//可以添加多张证书
NSArray *caArray = @[(__bridge id)(caRef)];
NSCAssert(caArray != nil, @"caArray is nil");
if(nil == caArray)break;
/* failed */
//将读取的证书设置为服务端帧数的根证书
OSStatus status = SecTrustSetAnchorCertificates(serverTrust, (__bridge CFArrayRef)caArray);
NSCAssert(errSecSuccess == status, @"SecTrustSetAnchorCertificates failed");
if(!(errSecSuccess == status))break;
/* failed */
SecTrustResultType result = -1;
//通过本地导入的证书来验证服务器的证书是否可信
status = SecTrustEvaluate(serverTrust, &result);
if(!(errSecSuccess == status))break;
/* failed */
NSLog(@"stutas:%d",(int)status);
NSLog(@"Result: %d", result);
BOOL allowConnect = (result == kSecTrustResultUnspecified) || (result == kSecTrustResultProceed);
if (allowConnect) {
NSLog(@"success");
}else {
NSLog(@"error");
}/* kSecTrustResultUnspecified and kSecTrustResultProceed are success */
if(! allowConnect){
break;
/* failed */
}
#if 0
/*
Treat kSecTrustResultConfirm and kSecTrustResultRecoverableTrustFailure as success
*//*since the user will likely tap-through to see the dancing bunnies */
if(result == kSecTrustResultDeny || result == kSecTrustResultFatalTrustFailure || result == kSecTrustResultOtherError)break;
/* failed to trust cert (good in this case) */
#endif
// The only good exit point
NSLog(@"信任该证书");
NSURLCredential *credential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
completionHandler(NSURLSessionAuthChallengeUseCredential,credential);
return [[challenge sender] useCredential: credential forAuthenticationChallenge: challenge
];
}while(0);
}
// Bad dog
NSURLCredential *credential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge,credential);
return [[challenge sender] cancelAuthenticationChallenge: challenge];
}
在
证书名字_cerName
的位置填上自签证书的名字,即可将证书导入到SDWebimage的请求中,也可以添加多张证书。推荐阅读
- FreeSql|FreeSql 导入数据的各种场景总结 [C#.NET ORM]
- 一篇文章教会你使用gs_restore导入数据
- 欧博管理大讲堂(第二期)如何通过导入生产计划运作提升订单准交率
- .Net+Vue3实现数据简易导入功能
- SDWebImage|SDWebImage 下载 中文或者空格 图片路径
- Django-Import-Export插件控制数据导入流程
- 项目|python文件中导入同目录下其他py文件
- UE导入FBX、GLTF模型
- CocoaPod的使用至导入依赖库
- kettle|kettle 导入项目 src 变成package问题