在开发后端服务时, APP中已经写好了服务器地址, 如何在本地开发机器调试呢? 首先,需要设置本地机器的hosts。 最方便的工具是gas masks https://github.com/2ndalpha/gasmask
添加类似如下代码
127.0.0.1 dev.example.com
生成本地证书 copy default OpenSSL config
cp /usr/local/etc/openssl/openssl.cnf .
make changes according to https://fbcs.co.uk/self-signed-multiple-domain-ssl-certificates/
vim openssl.cnf
在openssl.cnf的[ v3_ca ]
字段下面添加
subjectAltName = @alt_names
[alt_names]
DNS.1 = localhost
DNS.2 = dev.example.io
IP.1 = 0.0.0.0
IP.2 = 127.0.0.1
generate certificate
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout project.key -out project.crt -config openssl.cnf
Generating a 2048 bit RSA private key
......................+++
..................................................................................................................+++
writing new private key to 'project.key'
You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:.
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (e.g. server FQDN or YOUR name) []:dummy.dev
Email Address []:.
将生成的两个文件copy到etc/nginx/ssl目录下, 如下配置nginx.conf
add https endpoint
vim nginx.conf
server {
listen 443;
server_name ~^(.+)$;
ssl on;
ssl_certificate ssl/project.crt;
ssl_certificate_key ssl/project.key;
location / {
add_header Content-Type text/plain;
return 200 'secure gangnam style!';
}
}
sudo brew services restart nginx
visit https://localhost & make the certificate trustworthy by adding to keychain http://www.robpeck.com/2010/10/google-chrome-mac-os-x-and-self-signed-ssl-certificates/
将project.crt文件拖入keychain_access.app的system分区,双击这个文件
选择trust信赖,设置ssl和x509为一直信赖
这时打开 https://localhost/ 会显示 secure gangnam style!
在etc/nginx/server/目录下添加开发中的服务器转向配置
server {
listen 443 ssl;
server_name dev.example.com;
ssl_certificate ssl/project.crt;
ssl_certificate_key ssl/project.key;
ssl_verify_client off;
#...
location / {
proxy_pass http://127.0.0.1:8080;
#...
}
}
在ios虚拟机中访问本地开发网站 将project.crt拖入虚拟机,将打开safari, 选择install,将可以安装全局信任证书 但暂时无法被safari和app识别