锐客网

  1. 首页 > 生活百科 > it技术 > >

SDWebImage导入自签证书加载https图片

最近调试SDWebImage加载自签的https图片时怎么也无法绕过验证。
换个思路,将自签证书导入到SDWebimage使用的URLSession中。
具体方法如下:
【SDWebImage导入自签证书加载https图片】SDWebimageDownloader.m中添加URLSession代理方法

- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * _Nullable credential))completionHandler{ NSLog(@"证书认证"); if ([[[challenge protectionSpace] authenticationMethod] isEqualToString: NSURLAuthenticationMethodServerTrust]) { do{ SecTrustRef serverTrust = [[challenge protectionSpace] serverTrust]; NSCAssert(serverTrust != nil, @"serverTrust is nil"); if(nil == serverTrust)break; /* failed */ /** *导入多张CA证书(Certification Authority,支持SSL证书以及自签名的CA),请替换掉你的证书名称 */ NSString *cerPath = [[NSBundle mainBundle] pathForResource:@"证书名字_cerName" ofType:@"cer"]; //自签名证书 NSData* caCert = [NSData dataWithContentsOfFile:cerPath]; NSCAssert(caCert != nil, @"caCert is nil"); if(nil == caCert)break; /* failed */ SecCertificateRef caRef = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)caCert); NSCAssert(caRef != nil, @"caRef is nil"); if(nil == caRef)break; /* failed */ //可以添加多张证书 NSArray *caArray = @[(__bridge id)(caRef)]; NSCAssert(caArray != nil, @"caArray is nil"); if(nil == caArray)break; /* failed */ //将读取的证书设置为服务端帧数的根证书 OSStatus status = SecTrustSetAnchorCertificates(serverTrust, (__bridge CFArrayRef)caArray); NSCAssert(errSecSuccess == status, @"SecTrustSetAnchorCertificates failed"); if(!(errSecSuccess == status))break; /* failed */ SecTrustResultType result = -1; //通过本地导入的证书来验证服务器的证书是否可信 status = SecTrustEvaluate(serverTrust, &result); if(!(errSecSuccess == status))break; /* failed */ NSLog(@"stutas:%d",(int)status); NSLog(@"Result: %d", result); BOOL allowConnect = (result == kSecTrustResultUnspecified) || (result == kSecTrustResultProceed); if (allowConnect) { NSLog(@"success"); }else { NSLog(@"error"); }/* kSecTrustResultUnspecified and kSecTrustResultProceed are success */ if(! allowConnect){ break; /* failed */ } #if 0 /* Treat kSecTrustResultConfirm and kSecTrustResultRecoverableTrustFailure as success *//*since the user will likely tap-through to see the dancing bunnies */ if(result == kSecTrustResultDeny || result == kSecTrustResultFatalTrustFailure || result == kSecTrustResultOtherError)break; /* failed to trust cert (good in this case) */ #endif // The only good exit point NSLog(@"信任该证书"); NSURLCredential *credential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]; completionHandler(NSURLSessionAuthChallengeUseCredential,credential); return [[challenge sender] useCredential: credential forAuthenticationChallenge: challenge ]; }while(0); } // Bad dog NSURLCredential *credential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]; completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge,credential); return [[challenge sender] cancelAuthenticationChallenge: challenge]; }

证书名字_cerName 的位置填上自签证书的名字,即可将证书导入到SDWebimage的请求中,也可以添加多张证书。

    推荐阅读


    上一篇:为什么我们要不断地修订自己的“人生地图”()

    下一篇:素书|素书 宋.张商英〈原序〉浅释