首先,我想就这个问题的长度道歉,但我有两个晚上的问题,并试图清楚地记录问题.
我正在尝试让UIWebView访问https网站,请求双向SSL的客户端证书.我的出发点是Apple文档:证书,密钥和信任服务编程指南 stackoverflow上也有很多帮助.
我想出了以下代码来回答身份验证挑战,加载p12身份文件和crt中间证书,然后展示它们.
-(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
NSLog(@"Auth method: %@", challenge.protectionSpace.authenticationMethod);
if([challenge previousFailureCount] <5) {
NSURLProtectionSpace *protectionSpace = [challenge protectionSpace];
NSString *authMethod = [protectionSpace authenticationMethod];
if(authMethod == NSURLAuthenticationMethodServerTrust ) {
NSLog(@"Verifying The Trust");
[[challenge sender] useCredential:[NSURLCredential credentialForTrust:[protectionSpace serverTrust]] forAuthenticationChallenge:challenge];
} else if(authMethod == NSURLAuthenticationMethodClientCertificate ) {
NSLog(@"Getting client certificate");
SecIdentityRef identity = [self getClientCertificate:@"mycert" withPassword:@"password"];
SecCertificateRef intermediateCert = [self getCertificate:@"intermediatecert"];
SecCertificateRef rootCA = [self getCertificate:@"cacert"];
NSMutableArray *combinedCerts = [NSMutableArray array];
[combinedCerts addObject:(__bridge id)intermediateCert];
[combinedCerts addObject:(__bridge id)rootCA];
NSURLCredential …