问题
How does react-native use self-signed certificates for HTTPS requests?
axios({
method: 'POST',
url: url,
headers: headers,
data: params,
timeout: timeout,
// httpsAgent: new https.Agent({ rejectUnauthorized: false }),
})
回答1:
You may try below :
NPM : react-native-ssl-pinning
for more info : npmjs.com/package/react-native-ssl-pinning
回答2:
I was able to enable SSL pinning on the iOS part for my React Native Application using TrustKit. I am also using Axios to make server interactions. There are two ways to implement TrustKit, by code or by using Info.plist. I have done using the Info.plist and you can find the implementation for the same below:
- Add and install TrustKit in your podfile. (
pod 'TrustKit') - Open your Info.plist as Source Code add the below code to it.
<key>TSKConfiguration</key>
<dict>
<key>TSKSwizzleNetworkDelegates</key>
<true/>
<key>TSKPinnedDomains</key>
<dict>
<key>yourDomain.com</key>
<dict>
<key>TSKPublicKeyHashes</key>
<array>
<string>public key 1</string>
<string>public key 2</string>
</array>
<key>TSKPublicKeyAlgorithms</key>
<array>
<string>TSKAlgorithmRsa2048</string>
</array>
<key>TSKIncludeSubdomains</key>
<true/>
<key>TSKEnforcePinning</key>
<true/>
</dict>
</dict>
</dict>
Important things to note:
TSKSwizzleNetworkDelegatesneeds to be set to true.yourDomain.comis the base URL for your API.public Key 1andpublic Key 2are the public keys for your API. You can get the pubic keys for any public domain hereTSKEnforcePinningcan be used to enable / disable SSL pinning by setting it totrue/falserespectively. (Incase you wish to enable/disable it temporarily)- For more details, please check out TrustKit Documentation
来源:https://stackoverflow.com/questions/59762520/react-native-axios-https