AFNetworking 3 issue

Question

In AFNetworking 3 for invalid SSL certificate I used validatesCertificateChain = false , but now it seems that this field was removed and I can't make requests to my server.

Here is class for requests:

import UIKit
import AFNetworking

class ClientHTML: AFHTTPSessionManager {
    private static var __once: () = { () -> Void in

        let securityPolicy = AFSecurityPolicy(pinningMode: AFSSLPinningMode.certificate)
        securityPolicy.validatesDomainName = false
        securityPolicy.allowInvalidCertificates = true
        sharedInstanceTemp.securityPolicy = securityPolicy


        sharedInstanceTemp.requestSerializer = AFHTTPRequestSerializer()
        sharedInstanceTemp.responseSerializer = AFHTTPResponseSerializer()


    }()

    fileprivate static let sharedInstanceTemp = ClientHTML(baseURL: URL(string: kServer_urlBilderlings))

    static var sharedInstance:ClientHTML {
        get {
            _ = ClientHTML.__once

            return sharedInstanceTemp
        }
    }
}

I do requests by:

ClientHTML.sharedInstance.post("https://acs-web-test.firstdata.lv", parameters: nil, progress: { (progress) in
            print("progress = ", progress)
        }, success: { (task, response) in
            let data = response as! Data
            let html = String(data: data, encoding: .utf8)
            print("success responce = ", html)
        }, failure: { (task, error) in
            print("error = ", error)
        })

And according to this post I have to use validatesCertificateChain property. Can anybody help?

I still see that, allowInvalidCertificates property exists in AFSecurityPolicy in AFNetworking 3.0.0, please refer this document - http://cocoadocs.org/docsets/AFNetworking/3.0.0-beta.1/Classes/AFSecurityPolicy.html — iamyogish, Nov 16 '16 at 05:27
I use this property, but I need another validatesCertificateChain, I need to set it to false. Please, take a look at this question's best answer http://stackoverflow.com/questions/27808249/problems-with-ssl-pinning-and-afnetworking-2-5-0-nsurlerrordomain-error-1012 . They said about this property, but it was afnetworking 2 — Paul T., Nov 16 '16 at 05:41

score 2 · Accepted Answer · answered Nov 16 '16 at 05:51

2

I solved it by changing let securityPolicy = AFSecurityPolicy(pinningMode: AFSSLPinningMode.certificate) to let securityPolicy = AFSecurityPolicy(pinningMode: AFSSLPinningMode.none)

answered Nov 16 '16 at 05:51

Paul T.

4,938
7
45
93

Thanks for posting your answer which would help someone later on. – iamyogish Nov 16 '16 at 06:26

score 2 · Answer 2 · answered Apr 19 '18 at 09:37

For objective-c user setAllowInvalidCertificates:YES without SSL Pinning:

AFSecurityPolicy *sec = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeNone];
[sec setAllowInvalidCertificates:YES];
[sec setValidatesDomainName:NO];
manager.securityPolicy = sec;

score 0 · Answer 3 · answered Sep 24 '20 at 03:49

Objective-C

static NSString* const kSecurityCertificate = @"xxxxx";

yourManager.securityPolicy = [self customSecurityPolicy];

- (AFSecurityPolicy*)customSecurityPolicy {
   AFSecurityPolicy *securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeNone];
   NSString *cerPath = [[NSBundle mainBundle] pathForResource:kSecurityCertificate ofType:@"der"];
   NSData *certData = [NSData dataWithContentsOfFile:cerPath];
   [securityPolicy setValidatesDomainName:NO];
   [securityPolicy setAllowInvalidCertificates:YES];
   [securityPolicy setPinnedCertificates:[NSSet setWithObjects:certData, nil]];
   return securityPolicy;
}

AFNetworking 3 issue

3 Answers3

Linked