0

I am using Alamofire 4 in Swift 3 to build an application to PUT data to an API for an MDM server for mass updates.

Some users use a built-in CA or self-signed SSL certificate for their on-prem hosted servers, and if that certificate is not downloaded and installed to the keychain, Alamofire will not allow the communication.

I found the Security section of the Readme and wrote the following code in:

    private static var Manager: Alamofire.SessionManager = {

    // Create the server trust policies
    let serverTrustPolicies: [String: ServerTrustPolicy] = [
        "my.on-prem-server.com": .disableEvaluation            
    ]

    // Create custom manager
    let configuration = URLSessionConfiguration.default
    configuration.httpAdditionalHeaders = Alamofire.SessionManager.defaultHTTPHeaders
    let manager = Alamofire.SessionManager(
        configuration: URLSessionConfiguration.default,
        serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
    )

    return manager
}()

The problem is that I'm not the only person using this, and there's no way for me to statically set everyone's server information in there. Not everyone's server is going to be "my.on-prem-server.com"

I have a string variable called "allowUntrustedURL" which get's populated from a delegate on viewWillAppear() (they enter their server info on a different view), but when I try 

let serverTrustPolicies: [String: ServerTrustPolicy] = [
        allowUntrustedURL: .disableEvaluation            
    ]

I get the following error: Instance member 'allowUntrustedURL' cannot be used on type 'myViewController'

So I guess I'm open to options. I thought about making it a requirement that people download their SSL cert and install it to the keychain--but I think I'd rather have a checkbox to disable that requirement if at all possible.

I would be fine with either a way to globally disable Alamofire's trusted SSL requirement (preferably after checking a box or something to allow untrusted), or a method of passing in a variable which I can populate with their URL as they're filling things out.

EDIT: I've also tried some sort of wildcard in the URL, and I can't seem to get any sort of wildcard or global allowance to work.

Mike Levenick
  • 183
  • 2
  • 12

1 Answers1

0

Try making serverTrustPolicies a var and initialize it in a method like viewDidLoad. I think your problem is serverTrustPolicies is not yet available while you are trying to access it.

Ali Momen Sani
  • 840
  • 2
  • 11
  • 26
  • I actually define it globally, and populate it on `viewDidLoad` already so it should be available, and it should have data in it. I think this is more of an issue with the data type/properties vs values etc. I just don't know enough yet about different data types yet to put my finger on it.. This is my first swift project. EDIT: I misread and though we were talking about the server variable. Let me give it a shot. – Mike Levenick Nov 11 '16 at 16:47
  • Unfortunately, no. I think I may just switch back to built in methods of HTTP requests. Alamofire is fantastic, but I don't need the vast majority of the things that it is capable of, and this has been a headache for a while. I appreciate your help though. – Mike Levenick Nov 14 '16 at 17:59
  • @MikeLevenick [this question](http://stackoverflow.com/questions/25854300/how-to-initialize-properties-that-depend-on-each-other) might help you – Ali Momen Sani Nov 14 '16 at 19:50
  • Thank you for all your help. I ended up just going back and building my own URLSessions instead of using AlamoFire. It's a fantastic tool, but I don't need 90% of what it does, and the untrusted cert thing was a pretty big blocker. – Mike Levenick Nov 18 '16 at 16:41