swift-How to Connect localhost (with invalid certificate) using Alamofire?

cnoon 2015-08-02 02:53:32

You can easily override the default challenge behavior in Alamofire using the SessionDelegate override closures. Here is an example of how you can allow Alamofire to accept invalid certificates:

IMPORTANT: Please do not use this in any production code. Security is VERY important and this implementation completely disregards the security mechanisms in Alamofire. Use at your own risk!

let manager = Alamofire.Manager.sharedInstance

manager.delegate.sessionDidReceiveChallenge = { session, challenge in
    var disposition: NSURLSessionAuthChallengeDisposition = .PerformDefaultHandling
    var credential: NSURLCredential?

    if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
        disposition = NSURLSessionAuthChallengeDisposition.UseCredential
        credential = NSURLCredential(forTrust: challenge.protectionSpace.serverTrust)
    } else {
        if challenge.previousFailureCount > 0 {
            disposition = .CancelAuthenticationChallenge
        } else {
            credential = manager.session.configuration.URLCredentialStorage?.defaultCredentialForProtectionSpace(challenge.protectionSpace)

            if credential != nil {
                disposition = .UseCredential
            }
        }
    }

    return (disposition, credential)
}

We (the Alamofire TC) are going to implement TLS pinning and several other features related to security in the Alamofire 1.3.0 release.

UPDATE

The Alamofire 1.3.0 release is out and adds MUCH better support for customizing server trust authentication challenges. For further info, please check out the Security section of the README.

ShatyUT 2015-06-03 03:40:41

Thank you for sharing this! Could you provide any direction for where this code may go? I'm new to iOS and learning this as I go. I am only turning this off to test my app. My production server is the only one at this point with a valid SSL cert and I REALLY do not want to test my app against production at this stage.

cnoon 2015-06-03 15:07:08

This blog should get you going in the right direction.

ShatyUT 2015-06-03 15:19:30

Thanks for sharing that blog. It will be very helpful but isn't really what I was asking. I'm not sure where the above code you posted is supposed to live. I've placed it in a number of places in my app but the overridden delegate method is never called.

ShatyUT 2015-06-05 20:13:47

Edit submitted but I figured out why this code was not working for me. It is creating a brand new Alamofire.Manager instance and setting the delegate method on that instance. It should set the delegate method on Alamofire.Manager.sharedInstance instead so that it properly overrides the instance being used by the framework. Thank again for sharing the code, @cnoon!

cnoon 2015-06-06 06:21:45

Sorry for the confusion @ShatyUT. In order to avoid this issue for others in the future, I updated the answer accordingly. This is a common mistake that I've seen many times on various Alamofire questions.

How to Connect localhost (with invalid certificate) using Alamofire?

UPDATE

热门帖子

热门github