Nick's answer will keep your app from being accepted by Apple in the App Store and George's answer will fail to load the remainder of a page that has .css or .js or any other secondary downloads. There is a complete answer herethat allows the UIWebView to load pages from a site with an untrusted certificate.

Nick 的回答将阻止您的应用在 App Store 中被 Apple 接受，George 的回答将无法加载具有 .css 或 .js 或任何其他二次下载的页面的其余部分。有一个完整的答案在这里，它允许一个UIWebView负载页面从一个不受信任的证书的站点。

If it's just for testing during development you can create a category on NSURLRequest and override the following private method:

如果只是为了在开发过程中进行测试，您可以在 NSURLRequest 上创建一个类别并覆盖以下私有方法：

#if DEBUG

@implementation NSURLRequest (NSURLRequestWithIgnoreSSL) 

+ (BOOL)allowsAnyHTTPSCertificateForHost:(NSString *)host
{
    return YES;
}

@end

#endif

Just put this anywhere in one of your .m files (e.g. app delegate), or put it in it's own .m file. You don't need a matching header file.

只需将它放在您的 .m 文件之一（例如应用程序委托）中的任何位置，或者将其放在它自己的 .m 文件中。您不需要匹配的头文件。

The #if DEBUGis a precaution to prevent you from accidentally leaving it enabled when you submit to Apple, but if you need it to work in a release build then remove that (and make sure you remember to restore it or remove this category before you submit to Apple).

这#if DEBUG是一种预防措施，可防止您在提交给 Apple 时意外启用它，但如果您需要它在发布版本中工作，请删除它（并确保在提交给 Apple 之前记得恢复它或删除此类别）。

Swift 3/4 version for Nick Lockwood answer.

Nick Lockwood 的 Swift 3/4 版本回答。

This is just for testing/development purposes:

这仅用于测试/开发目的：

extension NSURLRequest {
    #if DEBUG
    static func allowsAnyHTTPSCertificate(forHost host: String) -> Bool {
        return true
    }
    #endif
}

In iOS 9, SSL connections will fail for all invalid or self-signed certificates. This is the default behavior of the new App Transport Securityfeature in iOS 9.0 or later, and on OS X 10.11 and later.

在 iOS 9 中，所有无效或自签名证书的 SSL 连接都将失败。这是iOS 9.0 或更高版本以及 OS X 10.11 和更高版本中新应用传输安全功能的默认行为。

You can override this behavior in the Info.plist, by setting NSAllowsArbitraryLoadsto YESin the NSAppTransportSecuritydictionary. However, I recommend overriding this setting for testing purposes only.

您可以Info.plist通过在字典中设置NSAllowsArbitraryLoadsto来覆盖 , 中的此行为。但是，我建议仅出于测试目的覆盖此设置。YESNSAppTransportSecurity

For information see App Transport Technote here.

有关信息，请参阅此处的应用传输技术说明。

Using the below two methods we can allow unverified ssl in UIWebview

使用以下两种方法，我们可以在 UIWebview 中允许未经验证的 ssl

-(BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace;

-(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge;

I have answered in detail how to achieve this here

我在这里详细回答了如何实现这一目标

There's a way to do this legally (by App Store laws at least). When you use the NSURLConnection there are 2 methods that can be used to allow self-signed SSL certificates to be used:

有一种方法可以合法地做到这一点（至少通过 App Store 法律）。当您使用 NSURLConnection 时，有两种方法可用于允许使用自签名 SSL 证书：

How to use NSURLConnection to connect with SSL for an untrusted cert?

如何使用 NSURLConnection 连接 SSL 以获得不受信任的证书？

If you implement UIWebViewDelegate use the

如果您实现 UIWebViewDelegate 使用

- (BOOL)webView:(UIWebView *)webView shouldStartLoadWithRequest:(NSURLRequest *)request navigationType:(UIWebViewNavigationType)navigationType;

Return NO to this so that the WebView doesn't load on its own. Then construct an NSURLConnection (which can be used with unsigned certificates via the above link).

对此返回 NO 以便 WebView 不会自行加载。然后构造一个 NSURLConnection（可以通过上面的链接与未签名的证书一起使用）。

Of course the usual SSL recommendations apply here:
-Don't use an unsigned cert on production servers!
-Always surface a warning letting your user decide whether to accept the cert or not.

当然，通常的 SSL 建议适用于此处：
- 不要在生产服务器上使用未签名的证书！
- 始终显示警告，让您的用户决定是否接受证书。

I know its a bit late but it can help others, I found an article to bypass ssl in iOS app, All you need to do is setup your webview and do a post request from application to your server and if you get an ssl error that means you dont have a valid certificate on your server, In order to bypass you have to use webview delegates methonds which are 1.) Can Authenticate Against Protection Space 2.) Should start load with request 3.) Did Receive Authentication Challenge You can copy these function from this URL, For me it works pretty well. Hope it helps

我知道它有点晚了，但它可以帮助其他人，我找到了一篇文章来绕过 iOS 应用程序中的 ssl，您需要做的就是设置您的 webview 并执行从应用程序到您的服务器的发布请求，如果您收到 ssl 错误意味着您的服务器上没有有效的证书，为了绕过，您必须使用 webview 委托方法，即 1.) 可以针对保护空间进行身份验证 2.) 应该开始加载请求 3.) 是否收到了身份验证挑战 您可以复制这些来自这个URL 的函数，对我来说效果很好。希望能帮助到你