我一直在使用CocoaAsyncSocket将数据发送到没有SSL的服务器.现在服务器端已经实现了SSL/TLS和客户端身份验证.为了在我们的应用程序中实现这一点,我得到了以下三个文件:
我将文件转换为iOS可读格式,如下所示:
我已经让它工作到SSL.但是客户端身份验证有问题.
这是我的代码:
didConnectToHost:
- (void)socket:(GCDAsyncSocket *)sock didConnectToHost:(NSString *)host port:(uint16_t)port;
{
// Configure SSL/TLS settings
NSMutableDictionary *settings = [NSMutableDictionary dictionaryWithCapacity:3];
// Allow self-signed certificates
CFArrayRef certsArray = [self loadCertificates];
[settings setObject:@0 forKey:GCDAsyncSocketSSLProtocolVersionMax];
[settings setObject:[NSNumber numberWithBool:YES] forKey:GCDAsyncSocketManuallyEvaluateTrust];
[settings setObject:(id)CFBridgingRelease(certsArray) forKey:GCDAsyncSocketSSLCertificates];
[sock startTLS:settings];
}
didReceiveTrust:
- (void)socket:(GCDAsyncSocket *)sock didReceiveTrust:(SecTrustRef)trust completionHandler:(void (^)(BOOL shouldTrustPeer))completionHandler {
NSString *caCertPath = [[NSBundle mainBundle] pathForResource:@"ca-cert" ofType:@"cer"];
NSData *caCertData = [NSData dataWithContentsOfFile:caCertPath];
NSString *clientCertPath = [[NSBundle mainBundle] pathForResource:@"client_cert" ofType:@"cer"];
NSData …