我正在iOS应用程序中工作。 我试图连接到https服务器与NSStream连接。 随着NSURLConnection,这项工作很好,我可以信任这样的挑战:SSL流套接字连接
-(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
}
但我的问题是,仅在流中可用的委托:
- (void) stream:(NSStream *)stream handleEvent:(NSStreamEvent)eventCode {
}
如何管理呢?
我终于找到了解决方案。感谢Wireshark
[inStream setProperty:(id)kCFBooleanFalse forKey:(NSString *)kCFStreamPropertyShouldCloseNativeSocket];
[outStream setProperty:(id)kCFBooleanFalse forKey:(NSString *)kCFStreamPropertyShouldCloseNativeSocket];
NSMutableDictionary *settings = [NSMutableDictionary dictionaryWithCapacity:1];
[settings setObject:_certificates forKey:(id)kCFStreamSSLCertificates];
[settings setObject:(NSString *)NSStreamSocketSecurityLevelNegotiatedSSL forKey:(NSString *)kCFStreamSSLLevel];
[settings setObject:[NSNumber numberWithBool:YES] forKey:(NSString *)kCFStreamSSLAllowsAnyRoot];
[settings setObject:@"MY HOST" forKey:(NSString *)kCFStreamSSLPeerName];
CFReadStreamSetProperty((CFReadStreamRef)inStream, kCFStreamPropertySSLSettings, (CFTypeRef)settings);
CFWriteStreamSetProperty((CFWriteStreamRef)outStream, kCFStreamPropertySSLSettings, (CFTypeRef)settings);
最重要的是设置没有当前证书的证书。 您应该设置链中的当前身份和其他证书。 这应该由iOSX使用身份设置,通常私钥将可用于流。
希望得到这个帮助