【发布时间】:2013-11-26 20:50:54
【问题描述】:
我将 Apache Server 使用的 .cer 证书放在了 Xcode 项目中。当应用程序尝试与服务器通信时,我在 Xcode 中收到此错误:
Assertion failure in id AFPublicKeyForCertificate(NSData *__strong)(),
/Users/../ProjectName/AFNetworking/AFSecurityPolicy.m:52
*** Terminating app due to uncaught exception 'NSInternalInconsistencyException',
reason: 'Invalid parameter not satisfying: allowedCertificate'
这是调用服务器的代码:
AFHTTPRequestOperationManager *manager = [AFHTTPRequestOperationManager manager];
manager.responseSerializer = [AFJSONResponseSerializer serializer];
[self setSecurityPolicy:[AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey]];
[manager POST:@"https://www.example.com/" parameters:params success:^(AFHTTPRequestOperation *operation, id responseObject) {
//success
} failure:^(AFHTTPRequestOperation *operation, NSError *error) {
//failure
}];
我将固定模式更改为 AFSSLPinningModeCertificate,但没有成功。
当我删除这一行时:
[self setSecurityPolicy:[AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey]];
服务器返回错误信息:
"The operation couldn't be completed. (NSURLErrorDomain error -1012.)"
证书是使用 OpenSSL 创建的,我什至尝试了 StartSSL.com 的免费证书
至于 Apache Server 端,这里是虚拟主机配置:
# My custom host
<VirtualHost *:443>
ServerName www.example.com
DocumentRoot "/path/to/folder"
SSLEngine on
SSLCipherSuite HIGH:!aNULL:!MD5
SSLCertificateFile /path/to/www.example.com.cer
SSLCertificateKeyFile /path/to/www.example.com.key
<Directory "/the/directory/">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "logs/mysite.local-error_log"
</VirtualHost>
而且服务器确实监听 443 端口
【问题讨论】:
标签: ios apache ssl-certificate afnetworking-2