Certificate pinning in Alamofire

So, the issue was that the certificate was saved in the wrong format.

ServerTrustPolicy.certificatesInBundle() finds all certificates in the bundle based on a list of extensions, then tries to load them using SecCertificateCreateWithData. Per its documentation, this function:

Returns NULL if the data passed in the data parameter is not a valid DER-encoded X.509 certificate

When you export a certificate in Firefox, you have a "format" pop-up at the bottom of the file browser. Select "X.509 Certificate (DER)", and you should get a certificate in the right format for this purpose.

First, you need to download the certificate. The best way is to download the certificate on the Firefox browser.

Step 1

Go to your webpage/ API and click the lock icon to get a certificate.

Step 2

Click View Certificate

Step 3

Click Certificate Fields tab's first section and click export

Step 4

Select the Format:- DER

Step 5

Drag and drop the file into your XCode Project

Step 6

Add Certificate under 'Targets > Build Phases > Copy Bundle Resources'

Step 7

Add Network Manager File. Replace your URL with google.com

 import Foundation
 import Alamofire
 import SwiftyJSON

 class MYPNetworkManager {


     var Manager: SessionManager?

     init() {
         let serverTrustPolicies: [String: ServerTrustPolicy] = [
             "https://google.com": .pinCertificates(
                 certificates: ServerTrustPolicy.certificates(),
                 validateCertificateChain: true,
                 validateHost: true
             ),
             "insecure.expired-apis.com": .disableEvaluation
         ]

         Manager = SessionManager(
             serverTrustPolicyManager: ServerTrustPolicyManager(policies: 
 serverTrustPolicies)
         )

     }
 }

Step 8

Add a file to get the session manager

import Foundation
import Alamofire
import SwiftyJSON

class APIPinning {

    private static let NetworkManager = MYPNetworkManager()

    public static func getManager() -> SessionManager {
        return NetworkManager.Manager!
    }
 }

Step 9

Use this session manager on Alamofire eg:-

 public static func testPinning() {
NetworkManager.Manager!.request("YourURL", method: .get, encoding: URLEncoding.httpBody, headers: MConnect.headersWithToken)
    .validate()
    .responseJSON { response in

        print(response)
        switch response.result {
        case .success:

            if let value = response.result.value {
                let json = JSON(value)
                print(json)
            } else {

            }

        case .failure:
            print("Error")
        }
}
}