这是我在Obj-C和JAVA项目中使用的C++代码.
string readBuffer;
string certificateBeingUsed;
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(curl, CURLOPT_URL, "https://apiServer");
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteCallback);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, &readBuffer);
curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 120);
curl_easy_setopt(curl, CURLOPT_ENCODING, GZIP);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER , true);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST , 2);
curl_easy_setopt(curl, CURLOPT_CAINFO,certificateBeingUsed);
CURLcode res;
res = curl_easy_perform(curl);
在Xcode中,我将我的证书"certificatePinning.der"存储在Resources/Certificates文件夹中.
要使用上面的代码,我将certificateBeingUsed设置为我的证书路径:
certificateBeingUsed = "/Users/graceo/Library/Developer/CoreSimulator/Devices/1BB154CB-276B-4DDC-86C8-4975213D7E3B/data/Containers/Bundle/Application/4819EC2A-CA18-46BF-815F-445B5E3E519F/TestStoryBoardWithLibraryAndSwift.app/certificatePinning.der"
并res返回readBuffer包含从服务器发送的响应的成功.
在Android Studio中,我将我的证书"certificatePinning.der"存储在assets文件夹中.(我在使用之前将其复制到数据文件夹中)
要使用上面的代码,我将certificateBeingUsed设置为我的证书路径:
certificateBeingUsed = "/data/data/packageName/certificatePinning.der"
但是res返回CURLE_SSL_CACERT_BADFILE (77)并且readBuffer是空的
我在Android中遗漏的是什么,无法验证与服务器存储的证书?
注意: