ssl - 如何使用 Alamofire 使用无效证书访问本地 Https？

Question

我正在尝试使用 Alamofire 连接到本地网络上的网络服务器。如果我用浏览器打开 url，它会发出 ssl 警告。如果我只是忽略并将异常添加到浏览器，它绝对有效。
我阅读了关于这个主题的不同帖子，包括 Alamofire Github 页面，但我无法让它工作。我做错了什么？
提前致谢!
下面是测试代码:
我在代码开头的 ViewController 类下方声明了管理器。

let manager = SessionManager(configuration: URLSessionConfiguration.default, serverTrustPolicyManager: ServerTrustPolicyManager(policies:["10.0.1.19:4491":.disableEvaluation]))
let parameters:Parameters = ["macro":"696B38D0-AF57-4991-83DD-DFD03F1A693B", "value":""]
manager.request("https://10.0.1.19:4491/authenticatedaction.html", parameters:parameters).authenticate(user:user, password:password).response {
 response in
  debugPrint(response)
}

这里是错误:

Alamofire.DefaultDataResponse(request: Optional(https://10.0.1.19:4491/authenticatedaction.html?macro=696B38D0-AF57-4991-83DD-DFD03F1A693B&value=), response: nil, data: Optional(0 bytes), error: Optional(Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “10.0.1.19†which could put your confidential information at risk." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x170134a00>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9813, NSErrorPeerCertificateChainKey=(
    "<cert(0x108066e00) s: Keyboard Maestro i: Keyboard Maestro CA>"
), NSUnderlyingError=0x170259d70 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x170134a00>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9813, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9813, kCFStreamPropertySSLPeerCertificates=(
    "<cert(0x108066e00) s: Keyboard Maestro i: Keyboard Maestro CA>"
)}}, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “10.0.1.19†which could put your confidential information at risk., NSErrorFailingURLKey=https://10.0.1.19:4491/authenticatedaction.html?macro=696B38D0-AF57-4991-83DD-DFD03F1A693B&value=, NSErrorFailingURLStringKey=https://10.0.1.19:4491/authenticatedaction.html?macro=696B38D0-AF57-4991-83DD-DFD03F1A693B&value=, NSErrorClientCertificateStateKey=0}), timeline: Timeline: { "Request Start Time": 517316327.668, "Initial Response Time": 517316327.911, "Request Completed Time": 517316327.911, "Serialization Completed Time": 517316327.912, "Latency": 0.243 secs, "Request Duration": 0.243 secs, "Serialization Duration": 0.001 secs, "Total Duration": 0.244 secs }, _metrics: Optional((Task Interval) <_NSConcreteDateInterval: 0x17002b6e0> (Start Date) 2017-05-24 10:58:47 +0000 + (Duration) 0.251558 seconds = (End Date) 2017-05-24 10:58:47 +0000
(Redirect Count) 0
(Transaction Metrics) (Request) <NSURLRequest: 0x170013cd0> { URL: https://10.0.1.19:4491/authenticatedaction.html?macro=696B38D0-AF57-4991-83DD-DFD03F1A693B&value= }
(Response) (null)
(Fetch Start) 2017-05-24 10:58:47 +0000
(Domain Lookup Start) (null)
(Domain Lookup End) (null)
(Connect Start) (null)
(Secure Connection Start) (null)
(Secure Connection End) (null)
(Connect End) (null)
(Request Start) 2017-05-24 10:58:47 +0000
(Request End) 2017-05-24 10:58:47 +0000
(Response Start) 2017-05-24 10:58:47 +0000
(Response End) (null)
(Protocol Name) (null)
(Proxy Connection) NO
(Reused Connection) YES
(Fetch Type) Unknown
))

Answer 1

我终于解决了我的问题。有两个问题。
1. 我需要在函数外声明sessionManager。
let manager = SessionManager(configuration: URLSessionConfiguration.default, serverTrustPolicyManager: ServerTrustPolicyManager(policies:["localhost":.disableEvaluation]))
2. 我在某处读到您需要包含主机的端口号，但这实际上导致了我的问题。
看起来你只需要写“localhost”而不是“localhost:443”。
无论如何，这里是将禁用对所有地址的评估的完整代码。
您不需要对 Info.plist 进行任何更改。 Xcode 为您提供的默认 Info.plist 似乎可以工作。
IOS 10.3.2，Xcode 8.3.2，来自 Github 的 Alamofire Master 分支 (2017-05-23)

import UIKit
import Alamofire

class ViewController: UIViewController {

    open class MyServerTrustPolicyManager: ServerTrustPolicyManager {
        open override func serverTrustPolicy(forHost host: String) -> ServerTrustPolicy? {
            return ServerTrustPolicy.disableEvaluation
        }
    }

    let sessionManager = SessionManager(delegate:SessionDelegate(), serverTrustPolicyManager:MyServerTrustPolicyManager(policies: [:]))

    func connect() {
        let user = "user"
        let password = "password"
        let parameters:Parameters = ["parameter1":"value1", "parameter2":"value2"]
        sessionManager.request("https://localhost:443/index.php", parameters:parameters).authenticate(user:user, password:password).responseString {
            response in
                debugPrint(response.result.value)
            } else {
                debugPrint(response)
            }
        }
    }

    override func viewDidLoad() {
        super.viewDidLoad()
        // Do any additional setup after loading the view, typically from a nib.
        connect()
    }

    override func didReceiveMemoryWarning() {
        super.didReceiveMemoryWarning()
        // Dispose of any resources that can be recreated.
    }

}