我们可以使用以下openssl命令来获取到服务器的公开二进制证书(以google为例)
openssl s_client -connect www.google.com:443 </dev/null 2>/dev/null | openssl x509 -outform DER > https.cer
冒号中的为命令主要部分。该条命令将会在当前路径下,形成google.com站点的公开二进制证书,命名为https.cer。您可以将www.google.com 替换成您自己的站点以此来获取您自己站点的https.cer。
证书的使用
直接导入证书https.cer到项目目录就好
POST方法:
+ (void)httpsPostWithUrl:(NSString *)url Parameters:(id)parameters success:(void (^)(id json))success failure:(void (^)(NSError *error))failure
{
NSString *urlString = url;
NSString *cerPath = [[NSBundle mainBundle] pathForResource:@"https" ofType:@"cer"];
NSData *certData =[NSData dataWithContentsOfFile:cerPath];
NSArray *certSet = [[NSArray alloc] initWithObjects:certData, nil];
AFSecurityPolicy *securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
// 是否允许,NO-- 不允许无效的证书
[securityPolicy setAllowInvalidCertificates:YES];
// 设置证书
[securityPolicy setPinnedCertificates:certSet];
AFHTTPSessionManager *manager = [AFHTTPSessionManager manager];
manager.securityPolicy = securityPolicy;
manager.responseSerializer = [AFHTTPResponseSerializer serializer];
// request
[manager POST:urlString parameters:parameters success:^(NSURLSessionDataTask * _Nonnull task, id _Nonnull responseObject) {
success(responseObject);
} failure:^(NSURLSessionDataTask * _Nullable task, NSError * _Nonnull error) {
failure(error);
}];
}
GET方法
+ (void)httpGetWithUrl:(NSString *)url
Parameters:(id)parameters
success:(void (^)(NSDictionary *json))success
failure:(void (^)(NSError *error))failure
{
NSString *cerPath = [[NSBundle mainBundle] pathForResource:@"https" ofType:@"cer"];
NSData *certData =[NSData dataWithContentsOfFile:cerPath];
NSArray *certSet = [[NSArray alloc] initWithObjects:certData, nil];
AFSecurityPolicy *securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
// 是否允许,NO-- 不允许无效的证书
[securityPolicy setAllowInvalidCertificates:NO];
// 设置证书
//
[securityPolicy setPinnedCertificates:certSet];
AFHTTPSessionManager *manager = [AFHTTPSessionManager manager];
manager.securityPolicy = securityPolicy;
manager.responseSerializer = [AFHTTPResponseSerializer serializer];
[manager GET:url parameters:nil success:^(NSURLSessionDataTask * _Nonnull task, id _Nonnull responseObject) {
NSDictionary *array = [NSJSONSerialization JSONObjectWithData:responseObject options:NSJSONReadingMutableLeaves error:nil];
success(array);
} failure:^(NSURLSessionDataTask * _Nullable task, NSError * _Nonnull error) {
// DSlog(@"error ==%@",error.description);
failure(error);
}];
}
使用:
NSDictionary *parameters = @{
@"uname":@"jack",
@"howold":@22
};
[SUPHttpHelper httpsPostWithUrl:@"https://api.suppet.com/api/Test.html" Parameters:parameters success:^(id json) {
NSDictionary *array = [NSJSONSerialization JSONObjectWithData:json options:NSJSONReadingMutableLeaves error:nil];
DSlog(@"%@",array);
} failure:^(NSError *error) {
DSlog(@"cuowu%@",error.description);
}];
网友评论