发表新帖
发表新帖

Certificate pinning in Alamofire

后端 未结
关注
2 602
自闭症患者
自闭症患者 2021-02-08 09:28

I am creating an iPad app that accesses HTTPS web services. I want to implement pinning, but am having issues.

This class creates the Alamofire Manager (mostly taken fro

相关标签:
2条回答
  • 旧巷少年郎
    2021-02-08 09:35

    So, the issue was that the certificate was saved in the wrong format.

    ServerTrustPolicy.certificatesInBundle() finds all certificates in the bundle based on a list of extensions, then tries to load them using SecCertificateCreateWithData. Per its documentation, this function:

    Returns NULL if the data passed in the data parameter is not a valid DER-encoded X.509 certificate

    When you export a certificate in Firefox, you have a "format" pop-up at the bottom of the file browser. Select "X.509 Certificate (DER)", and you should get a certificate in the right format for this purpose.

    0 讨论(0)
  • 我在风中等你
    2021-02-08 09:42

    First, you need to download the certificate. The best way is to download the certificate on the Firefox browser.

    Step 1

    Go to your webpage/ API and click the lock icon to get a certificate.

    Step 2

    Click View Certificate

    Step 3

    Click Certificate Fields tab's first section and click export

    Step 4

    Select the Format:- DER

    Step 5

    Drag and drop the file into your XCode Project

    Step 6

    Add Certificate under 'Targets > Build Phases > Copy Bundle Resources'

    Step 7

    Add Network Manager File. Replace your URL with google.com

     import Foundation
 import Alamofire
 import SwiftyJSON

 class MYPNetworkManager {


     var Manager: SessionManager?

     init() {
         let serverTrustPolicies: [String: ServerTrustPolicy] = [
             "https://google.com": .pinCertificates(
                 certificates: ServerTrustPolicy.certificates(),
                 validateCertificateChain: true,
                 validateHost: true
             ),
             "insecure.expired-apis.com": .disableEvaluation
         ]

         Manager = SessionManager(
             serverTrustPolicyManager: ServerTrustPolicyManager(policies: 
 serverTrustPolicies)
         )

     }
 }

    Step 8

    Add a file to get the session manager

    import Foundation
import Alamofire
import SwiftyJSON

class APIPinning {

    private static let NetworkManager = MYPNetworkManager()

    public static func getManager() -> SessionManager {
        return NetworkManager.Manager!
    }
 }

    Step 9

    Use this session manager on Alamofire eg:-

     public static func testPinning() {
NetworkManager.Manager!.request("YourURL", method: .get, encoding: URLEncoding.httpBody, headers: MConnect.headersWithToken)
    .validate()
    .responseJSON { response in

        print(response)
        switch response.result {
        case .success:

            if let value = response.result.value {
                let json = JSON(value)
                print(json)
            } else {

            }

        case .failure:
            print("Error")
        }
}
}
    0 讨论(0)
 看不清?
提交回复
热议问题