* AFSSLPinningModeNone 不做SSL pinning 只信任证书颁发机构证书,自己生成证书不通过
* AFSSLPinningModeCertificate 客户端保存证书拷贝 第一步验证证书的域名/有效期等信息,第二步是对比服务端返回的证书跟客户端返回的是否一致。
* AFSSLPinningModePublicKey 客户端保存证书拷贝 只是验证时只验证证书里的公钥,不验证证书的有效期等信息
AFSecurityPolicy*securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeNone];
NSString * cerPath = [[NSBundle mainBundle] pathForResource:@”server” ofType:@”cer”];
NSData * cerData = [NSData dataWithContentsOfFile:cerPath];
NSSet *dataSet = [NSSet setWithArray:@[cerData]];
[securityPolicy setAllowInvalidCertificates:YES];
[securityPolicy setPinnedCertificates:dataSet];
//是否验证域名证书的CN字段。默认为“是”———————-测试这里改为NO;
[securityPolicy setValidatesDomainName:NO];
[_httpSessionManager setSecurityPolicy:securityPolicy];