我想创建一个通过TCP/IP从iOS到一个Erlang服务器的SSL连接。服务器使用自签名证书(Erlang OTP附带的默认证书)。iOS和Erlang - SSL握手失败,自签名证书
每次,SSL握手失败: - CFNetwork的SSLHandshake失败(-9824 - > -9829) - CFNetwork的SSLHandshake失败(-9807)
这是一个方法,我用:
CFReadStreamRef readStream;
CFWriteStreamRef writeStream;
CFStreamCreatePairWithSocketToHost(NULL, (CFStringRef)@"my-server-name", 1234, &readStream, &writeStream);
//------------------------------------------------------
// Set props.
//
CFReadStreamSetProperty(readStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelNegotiatedSSL);
CFReadStreamSetProperty(readStream, kCFStreamSSLAllowsExpiredCertificates, kCFBooleanTrue);
CFReadStreamSetProperty(readStream, kCFStreamSSLAllowsExpiredRoots, kCFBooleanTrue);
CFReadStreamSetProperty(readStream, kCFStreamSSLAllowsAnyRoot, kCFBooleanTrue);
CFReadStreamSetProperty(readStream, kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);
CFReadStreamSetProperty(readStream, kCFStreamSSLPeerName, kCFNull);
CFWriteStreamSetProperty(writeStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelNegotiatedSSL);
CFWriteStreamSetProperty(writeStream, kCFStreamSSLAllowsExpiredCertificates, kCFBooleanTrue);
CFWriteStreamSetProperty(writeStream, kCFStreamSSLAllowsExpiredRoots, kCFBooleanTrue);
CFWriteStreamSetProperty(writeStream, kCFStreamSSLAllowsAnyRoot, kCFBooleanTrue);
CFWriteStreamSetProperty(writeStream, kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);
CFWriteStreamSetProperty(writeStream, kCFStreamSSLPeerName, kCFNull);
//------------------------------------------------------
// Open streams.
//
if(!CFReadStreamOpen(readStream))
{
NSLog(@"CFReadStreamOpen Failed!");
return 0;
}
if(!CFWriteStreamOpen(writeStream))
{
NSLog(@"CFWriteStreamOpen Failed!");
CFReadStreamClose(readStream);
return 0;
}
//------------------------------------------------------
// Send some data.
//
UInt8 data[20] = {0};
*(ushort*)data = 18;
for(int i = 2; i < 20; i++)
{
data[i] = 'A' + i;
}
NSLog(@"Sending some data...");
CFIndex bytesSent = CFWriteStreamWrite(writeStream, data, 20);
NSLog(@"Bytes Sent: %d", (int)bytesSent);
//------------------------------------------------------
// Close streams.
//
CFReadStreamClose(readStream);
CFWriteStreamClose(writeStream);
我也试图与SecureTransport(SSLCreateContext,SSLSetConnection,SSLHandshake它是相同的 - 。SSL握手失败
任何建议非常赞赏
。