0

I have this two files (certificate.pem and private_key.pem) which provided me by the API that I use. I need to use this files to sign my http request in Swift project.

I'm able to do it with Postman. I added certificate.pem as CRT file and private_key.pem as KEY file in Add Client Certificate tab of Postman. And when I send PUT request with headers and parameters on Postman, I'm getting success message from the web server.

But when I tried all of these things in Xcode with Swift3 and Alamofire, I'm always getting error message. Could you help me how to pin this PEM files to http request please?

Mansur Muaz Ekici
  • 31
  • 2
  • 7

1 Answers1

0

Alamofire does not support PEM files directly. You need to convert them first to DER files which is explained here. Then, you need to add your new DER file(s) to your app target. Finally, you follow the directions in the Security section of the README to enable a server trust policy.

let serverTrustPolicies: [String: ServerTrustPolicy] = [
    "test.example.com": .pinCertificates(
        certificates: ServerTrustPolicy.certificates(),
        validateCertificateChain: true,
        validateHost: true
    ),
    "insecure.expired-apis.com": .disableEvaluation
]

let sessionManager = SessionManager(
    serverTrustPolicyManager: ServerTrustPolicyManager(
        policies: serverTrustPolicies
    )
)

The ServerTrustPolicy.certificates() call can be found here which loads all the data from the CER and DER files from the bundle and uses them for pinning.

Hopefully that helps gets you going.

cnoon
  • 16,575
  • 7
  • 58
  • 66
  • Actually, I've try to do this. But as far as I understand, due to use of two certificate(I mean, certificate and private_key), I'm getting trouble. @cnoon – Mansur Muaz Ekici Apr 17 '18 at 14:12
  • Also I'm getting this error. CredStore - copyIdentPrefs - Error copying Identity cred. Error=-25300, query={ class = idnt; labl = "https://api.teller.io:443/"; "r_Ref" = 1; } – Mansur Muaz Ekici Apr 17 '18 at 14:39