Alamofire/Moya SSL 请求因 ATS 系统信任失败而失败。 X 的系统信任失败

Question

我正在尝试使用 SSL 和通过 Alamofire 使用 RxMoya 的自签名证书发出 https 请求，但它一直给我 ATS 失败的系统信任。 我已经在很多地方搜索了解决方案，但我还无法弄清楚。我有一个 .crt 证书并转换为 .der 并将其放在我的主包中 这是 Stacktrace：

     2017-12-07 13:01:05.918360+0100 SmartBackpackerApp[86030:5429201] ATS failed system trust
2017-12-07 13:01:05.919271+0100 SmartBackpackerApp[86030:5429201] System Trust failed for [4:0x60000016b4c0]
2017-12-07 13:01:05.920438+0100 SmartBackpackerApp[86030:5429201] TIC SSL Trust Error [4:0x60000016b4c0]: 3:0
2017-12-07 13:01:05.921390+0100 SmartBackpackerApp[86030:5429201] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802)
2017-12-07 13:01:05.922103+0100 SmartBackpackerApp[86030:5429201] Task <F73E31A0-8AC4-40B4-B80C-05182D3E5647>.<1> HTTP load failed (error code: -1200 [3:-9802])
2017-12-07 13:01:05.923528+0100 SmartBackpackerApp[86030:5429201] Task <F73E31A0-8AC4-40B4-B80C-05182D3E5647>.<1> finished with error - code: -1200
Moya_Logger: [07/12/2017 13:01:05] Response: Received empty network response for airlines("Easy Jet").
2017-12-07 13:01:05.945: SBAirlinesService.swift:39 (getAirlineInfo(name:)) -> Event error(underlying(Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x604000307980>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, NSErrorPeerCertificateChainKey=(
    "<cert(0x7fca6a853800) s: api.smartbackpacker.com i: api.smartbackpacker.com>"
), NSUnderlyingError=0x600000656080 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x604000307980>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerCertificates=(
    "<cert(0x7fca6a853800) s: api.smartbackpacker.com i: api.smartbackpacker.com>"
)}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://api.smartbackpackerapp.com/v1/airlines?name=Easy%20Jet, NSErrorFailingURLStringKey=https://api.smartbackpackerapp.com/v1/airlines?name=Easy%20Jet, NSErrorClientCertificateStateKey=0}, nil))

这是我用来发出请求的代码：

let serverTrustPolicies = ["api.smartbackpackerapp.com": ServerTrustPolicy.pinCertificates(certificates: ServerTrustPolicy.certificates(), validateCertificateChain: false, validateHost: true)]
        self.manager = Manager(configuration: URLSessionConfiguration.default, serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies))
        self.manager.delegate.sessionDidReceiveChallenge = { [weak self] session, challenge in
            var disposition: URLSession.AuthChallengeDisposition = .performDefaultHandling
            var credential: URLCredential?

            if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust, let trust = challenge.protectionSpace.serverTrust {
                disposition = URLSession.AuthChallengeDisposition.useCredential
                credential = URLCredential(trust: trust)
            } else {
                if challenge.previousFailureCount > 0 {
                    disposition = .cancelAuthenticationChallenge
                } else {
                    credential = self?.manager.session.configuration.urlCredentialStorage?.defaultCredential(for: challenge.protectionSpace)

                    if credential != nil {
                        disposition = .useCredential
                    }
                }
            }

            return (disposition, credential)
        }
    }


    provider = RxMoyaProvider<SBApi>(manager: self.manager, plugins: plugins)
    return provider.request(.airlines(name: name))
                    .debug()
                    .filterSuccessfulStatusCodes()
                    .mapObject(SBAirline.self)
                    .asObservable()

在我的 Info.plist 文件中：

<key>NSAppTransportSecurity</key>
    <dict>
        <key>NSExceptionDomains</key>
        <dict>
            <key>https://api.smartbackpackerapp.com</key>
            <dict>
                <key>NSExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSExceptionRequiresForwardSecrecy</key>
                <false/>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSTemporaryExceptionMinimumTLSVersion</key>
                <string>TLSv1.1</string>
                <key>NSAllowsArbitraryLoads</key>
                <true/>
            </dict>
        </dict>
    </dict>

Answer 1

天哪，我在 Info.plist 上输入了错误的域，它没有 https://

为此浪费了几个小时。 :(