我有ssl证书(.cer)作为文件提供给我.我将它添加到捆绑包中,并希望使用它与服务器进行通信.
我使用了苹果提供的代码:
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge{
DLog(@"didReceiveAuthenticationChallenge : %@",challenge);
if ([challenge.protectionSpace.authenticationMethod
isEqualToString:NSURLAuthenticationMethodServerTrust])
{
NSString *filePath = [[NSBundle mainBundle] pathForResource:@"certificate" ofType:@"cer"];
NSData *certData = [NSData dataWithContentsOfFile:filePath];
CFDataRef myCertData = (__bridge CFDataRef)certData;
SecCertificateRef myCert = SecCertificateCreateWithData(NULL,
myCertData);
SecPolicyRef myPolicy = SecPolicyCreateBasicX509(); // 3
SecCertificateRef certArray[1] = { myCert };
CFArrayRef myCerts = CFArrayCreate(NULL,
(void *)certArray,
1,
NULL);
SecTrustRef myTrust;
OSStatus status = SecTrustCreateWithCertificates(
myCerts,
myPolicy,
&myTrust); // 4
SecTrustResultType trustResult = 0;
if (status == noErr) {
status = SecTrustEvaluate(myTrust, &trustResult); …