在开发的时候我们很多时候都要用到https，现在我主要用都请求方式有两种，一种是不校验证书（不需要导入.cer文件），这种比较简单。

在Info.plist中添加NSAppTransportSecurity类型Dictionary。

在NSAppTransportSecurity下添加NSAllowsArbitraryLoads类型Boolean,值设为YES

1.不需要导入证书

.h文件

@interface ZRNetWork :NSObject

@property(nonatomic,strong)AFHTTPSessionManager*manager;

+(instancetype)shareInstance;

.m文件

staticZRNetWork*network;

+(instancetype)shareInstance{

staticdispatch_once_tonceToken;

dispatch_once(&onceToken, ^{

network=[[ZRNetWorkalloc]init];

[networksetManager];

});

returnnetwork;

}

-(void)setManager{

_manager= [AFHTTPSessionManagermanager];

//AFSecurityPolicy *securityPolicy = [AFSecurityPolicy defaultPolicy];

AFSecurityPolicy*securityPolicy = [AFSecurityPolicypolicyWithPinningMode:AFSSLPinningModeCertificate];

//allowInvalidCertificates是否允许无效证书（也就是自建的证书），默认为NO//如果是需要验证自建证书，需要设置为YES

securityPolicy.allowInvalidCertificates=YES;

//validatesDomainName是否需要验证域名，默认为YES；

securityPolicy.validatesDomainName=NO;

[_manager.requestSerializerwillChangeValueForKey:@"timeoutinterval"];

_manager.requestSerializer.timeoutInterval=20.f;

[_manager.requestSerializerdidChangeValueForKey:@"timeoutinterval"];

_manager.securityPolicy= securityPolicy;

_manager.responseSerializer= [AFHTTPResponseSerializerserializer];

}

然后封装网络请求（测试）就可以了

-(void)rquestWithTestSuccess:(ZRBlock)block{

[selfPOSTWithHOST:Request_URL_Testparameters:nilshow:YESblock:^(idobj) {

block(obj);

}];

}

2.需要导入.cer证书，（在阿里云服务器中下载证书，里面有几个证书，但是主要用到都是publick.pem）

openssl x509 -in 下载的publick.pem -out 想要的名字.cer -outform der（不转化使用的时候会报错）

_manager= [AFHTTPSessionManagermanager];

//AFSecurityPolicy *securityPolicy = [AFSecurityPolicy defaultPolicy];

AFSecurityPolicy*securityPolicy = [AFSecurityPolicypolicyWithPinningMode:AFSSLPinningModeCertificate];

//allowInvalidCertificates是否允许无效证书（也就是自建的证书），默认为NO//如果是需要验证自建证书，需要设置为YES

securityPolicy.allowInvalidCertificates=YES;

//validatesDomainName是否需要验证域名，默认为YES；

securityPolicy.validatesDomainName=NO;

[_manager.requestSerializerwillChangeValueForKey:@"timeoutinterval"];

_manager.requestSerializer.timeoutInterval=20.f;

[_manager.requestSerializerdidChangeValueForKey:@"timeoutinterval"];

_manager.securityPolicy= securityPolicy;

_manager.responseSerializer= [AFHTTPResponseSerializerserializer];

[selfsetSecerityCertificater];

//设置证书

-(void)setSecerityCertificater{

__weaktypeof(self) weakSelf =self;

[_managersetSessionDidReceiveAuthenticationChallengeBlock:^NSURLSessionAuthChallengeDisposition(NSURLSession*session,NSURLAuthenticationChallenge*challenge,NSURLCredential*__autoreleasing*_credential) {

SecTrustRefserverTrust = [[challengeprotectionSpace]serverTrust];

/**

*导入多张CA证书   zbc需要替换成你证书的名字

*/

NSString*cerPath = [[NSBundlemainBundle]pathForResource:@"zbc"ofType:@"cer"];//自签名证书

//NSString *cerPath = [[NSBundle mainBundle] pathForResource:@"public" ofType:@"pem"];//自签名证书

//NSString *cerPath2 = [[NSBundle mainBundle] pathForResource:@"public" ofType:@"cer"];//自签名证书

NSData* caCert = [NSDatadataWithContentsOfFile:cerPath];

//NSArray *cerArray = @[caCert];

NSSet*cerArray = [[NSSetalloc]initWithObjects:caCert,nil];

weakSelf.manager.securityPolicy.pinnedCertificates= cerArray;

SecCertificateRefcaRef =SecCertificateCreateWithData(NULL, (__bridgeCFDataRef)caCert);

NSCAssert(caRef !=nil,@"caRef is nil");

NSArray*caArray =@[(__bridgeid)(caRef)];

NSCAssert(caArray !=nil,@"caArray is nil");

OSStatusstatus =SecTrustSetAnchorCertificates(serverTrust, (__bridgeCFArrayRef)caArray);

SecTrustSetAnchorCertificatesOnly(serverTrust,NO);

NSCAssert(errSecSuccess == status,@"SecTrustSetAnchorCertificates failed");

NSURLSessionAuthChallengeDispositiondisposition =NSURLSessionAuthChallengePerformDefaultHandling;

__autoreleasingNSURLCredential*credential =nil;

if([challenge.protectionSpace.authenticationMethodisEqualToString:NSURLAuthenticationMethodServerTrust]) {

if([weakSelf.manager.securityPolicyevaluateServerTrust:challenge.protectionSpace.serverTrustforDomain:challenge.protectionSpace.host]) {

credential = [NSURLCredentialcredentialForTrust:challenge.protectionSpace.serverTrust];

if(credential) {

disposition =NSURLSessionAuthChallengeUseCredential;

}else{

disposition =NSURLSessionAuthChallengePerformDefaultHandling;

}

}else{

disposition =NSURLSessionAuthChallengeCancelAuthenticationChallenge;

}

}else{

disposition =NSURLSessionAuthChallengePerformDefaultHandling;

}

returndisposition;

}];

}

到此，基本可以了