Home / IOS Development / Ios – Trust invalid certificate with DisableEvaluation on Alamofire

Ios – Trust invalid certificate with DisableEvaluation on Alamofire

I must reach an API that has an invalid certificate and a basic Auth. As I searched, I needed to write custom SessionManager and add a value for the plist file. After several days of search and many posts, I can not reach the API.

  struct CustomManagerClass {

static la instance = CustomManagerClass ()
was sessionManager: SessionManager = {

la serverTrustPolicies: [String: ServerTrustPolicy] = [
        "baseurl.com:8443": .disableEvaluation

// Create custom manager
leave configuration = URLSessionConfiguration.default
configuration.httpAdditionalHeaders = Alamofire.SessionManager.defaultHTTPHeaders
let the boss = Alamofire.SessionManager (
configuration: configuration,
serverTrustPolicyManager: ServerTrustPolicyManager (policies: serverTrustPolicies)

return manager
} ()

plist file:


NSIncludesSubdomains NSExceptionRequiresForwardSecrecy NSExceptionAllowsInsecureHTTPLoads

How I call it:

  CustomManagerClass.instance.sessionManager.request (route) .responseJSON (completionHandler: {(results) in
completion (result)
}) // Route here is a ServiceConfiguration class that defines http method, parameters and basic auth.

It still returns;

Task <4CE5991B-2650-471C-AB77-69D54B8E36F3>. <1> completed with error code: -1202
The certificate for this server is invalid. You can connect to a server claiming to be "baseurl.com" which may endanger your confidential information.

Posts I got help:
Certificate invalid version with Alamofire 4.0

How to use Alamofire ServerTrustPolicy.disableEvaluation in swift 3

EDIT: I add under code to trust certificate. Now it returns HTTP 500

  CustomManagerClass.instance.sessionManager.delegate.sessionDidReceiveChallenge = {increased challenge in
were out of date: URLSession.AuthChallengeDisposition = .performDefaultHandling
was credentials: URLCredential?

print ("received challenge")

whose challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
Outline = URLSession.AuthChallengeDisposition.useCredential
ID = URLCredential (trust: challenge.protectionSpace.serverTrust!)
} other {
whose challenge.previousFailureCount> 0 {
outline = .cancelAuthenticationChallenge
} other {
credential = CustomManagerClass.instance.sessionManager.session.configuration.urlCredentialStorage? .defaultCredential (for: challenge.protectionSpace)

whose credentials! = null {
outline = .useCredential

return (disposal, identification)

Source link