台灣最大程式設計社群網站
線上人數
1337
 
會員總數:246255
討論主題:189807
歡迎您免費加入會員
討論區列表 >> iOS APP/ swift 開發 >> UIWebView 連Https SSL網站 需要Client Certificate
[]  
[我要回覆]
回應主題 加入我的關注話題 檢舉此篇討論 將提問者加入個人黑名單
UIWebView 連Https SSL網站 需要Client Certificate
價值 : 50 QP  點閱數:2770 回應數:0
樓主

小威-Andy
初學者
200 1
141 9
發送站內信

最近開發一個項目需要使用UIWebView 連到我們 Https開頭的SSL網站, 並且使用自己發佈的證書, 要用在Client端。 在網路上Search很多, 但是不知道為何都沒辦法正常連到網站, 總是會顯示 SSL Server requires client certificate

我的程式碼也提供一下:



-(BOOL)webView:(UIWebView *)webView shouldStartLoadWithRequest:(NSURLRequest *)request navigationType:(UIWebViewNavigationType)navigationType {

if (!_authenticated) {

_authenticated = NO;
_FailedRequest = request;
_urlConnection = [[NSURLConnection alloc] initWithRequest:request delegate:self];

[_urlConnection start];

return NO;

}

return YES;
}




-(void) connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {

if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
NSURL* baseURL = _FailedRequest.URL;
if ([challenge.protectionSpace.host isEqualToString:baseURL.host]) {
[[challenge sender] useCredential:[NSURLCredential credentialForTrust:[protectionSpace serverTrust]] forAuthenticationChallenge:challenge];
}
} else if([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate ]) {

NSString *path = [[NSBundle mainBundle] pathForResource:@"certificate" ofType:@"pfx"];
NSData *pfxdata = [NSData dataWithContentsOfFile:path];
CFDataRef inpfxdata = (__bridge_retained CFDataRef)pfxdata;
SecIdentityRef myIdentity;
SecTrustRef myTrust;
OSStatus status = [self extractIdentityAndTrust:inpfxdata identity:&myIdentity trust:&myTrust];
SecCertificateRef myCertificate;
SecIdentityCopyCertificate(myIdentity, &myCertificate); const void *certs[] = { myCertificate };
CFArrayRef certsArray = CFArrayCreate(NULL, certs, 1, NULL);
NSURLCredential *credential = [NSURLCredential credentialWithIdentity:myIdentity certificates:(__bridge NSArray *)certsArray persistence:NSURLCredentialPersistencePermanent];

[challenge.sender useCredential:credential forAuthenticationChallenge:challenge];
CFRelease(myIdentity);
CFRelease(myCertificate);
CFRelease(certsArray);
}
[challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}
}


-(OSStatus) extractIdentityAndTrust:(CFDataRef)inpfxdata identity:(SecIdentityRef *)identity trust:(SecTrustRef *)trust
{
OSStatus securityError = errSecSuccess;
CFStringRef password = CFSTR("pwd");
const void *keys[] = { kSecImportExportPassphrase };
const void *values[] = { password };
CFDictionaryRef options = CFDictionaryCreate(NULL, keys, values, 1, NULL, NULL);
CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL);
securityError = SecPKCS12Import(inpfxdata, options, &items);
if (securityError == 0) {
CFDictionaryRef myIdentityAndTrust = CFArrayGetValueAtIndex(items, 0);
const void *tempIdentity = NULL;
tempIdentity = CFDictionaryGetValue(myIdentityAndTrust, kSecImportItemIdentity);
*identity = (SecIdentityRef)tempIdentity;
const void *tempTrust = NULL;
tempTrust = CFDictionaryGetValue(myIdentityAndTrust, kSecImportItemTrust);
*trust = (SecTrustRef)tempTrust;
}
if (options) {
CFRelease(options);
}
return securityError;
}



-(void) connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response{

_Authenticated = YES;
[connection cancel];
[self.webView loadRequest:_FailedRequest];
}

搜尋相關Tags的文章: [ UIWebView ] , [ SSL ] , [ Client Certificate ] ,
本篇文章發表於2013-08-24 00:57
== 簽名檔 ==
/**
程式設計也是設計一類
設計講究的就是興趣或天份了,若無其中一個就不要免強自己踏入此行深淵!
**/
目前尚無任何回覆
   

回覆
如要回應,請先登入.