The certificate for this server is invalid

Try this.

Initiate your session using custom session config as shown below:

let session = URLSession(configuration: URLSessionConfiguration.ephemeral,
                                 delegate: self,
                                 delegateQueue: nil)

Implement the following delegate callback method:

public func urlSession(_: URLSession, task _: URLSessionTask, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
    guard let serverTrust = challenge.protectionSpace.serverTrust else {
        return completionHandler(URLSession.AuthChallengeDisposition.useCredential, nil)
    }
    return completionHandler(URLSession.AuthChallengeDisposition.useCredential, URLCredential(trust: serverTrust))
}

you can't fix it with the way you are trying

  • either drop to CFNetworking to allow bad certs
  • use NSConnection with a delegate and an undoc'd method
  • use the private API you found

all not good. CFNetwork would have to be OK for apple for now but the other 2 methods aren't even appstore-safe

Better get the server fixed. Thats the easiest and CLEANEST


The webserver which you are using is asking for Server Trust Authentication, you need to properly respond with the appropriate action. You need to implement connection:willSendRequestForAuthenticationChallenge: delegate method and use SecTrustRef to authenticate it.

More information can be found here:- https://developer.apple.com/library/ios/technotes/tn2232/_index.html

This was my code to fix error:

- (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
    NSURLProtectionSpace *protectionSpace = [challenge protectionSpace];

    id<NSURLAuthenticationChallengeSender> sender = [challenge sender];

    if ([[protectionSpace authenticationMethod] isEqualToString:NSURLAuthenticationMethodServerTrust])
    {
        SecTrustRef trust = [[challenge protectionSpace] serverTrust];

        NSURLCredential *credential = [[NSURLCredential alloc] initWithTrust:trust];

            [sender useCredential:credential forAuthenticationChallenge:challenge];
    }
    else
    {
        [sender performDefaultHandlingForAuthenticationChallenge:challenge];
    }
}

If you are using AFNetworking, you can use this code:

(Just as a temp client-side solution!)

AFHTTPSessionManager * apiManager = [AFHTTPSessionManager initWithBaseURL:[NSURL URLWithString:baseURL];
AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeNone];
policy.allowInvalidCertificates = YES;
apiManager.securityPolicy = policy;

Tags:

Ios

Iphone

Nsurlconnection

Nsurlconnectiondelegate

Recent Posts