Using client certificate for authentication with Alamofire

Question

I'm developing an iOS app that needs to do a HTTPS POST on a remote server. Here's what I want to do:

        // How to initialize 'credential' with a certificate.der (or .pem)
        var credential: URLCredential? 
        let pms: [String: Any] = ["func": "os.getpid"]
        Alamofire.request("https://mytestdomain.mycom/exec", method: .post, 
          parameters: pms, encoding: JSONEncoding.default, headers: nil)
          .authenticate(usingCredential: credential!)
          .responseJSON { response in
          if response.result.isSuccess {
              print("Success")
          }
          else {
              print("Error")
          }

But I haven't found a way to initialize the credential with a certificate. Is it possible?

Answer 1

I don't know about DER or PEM.. but for p12, you can do:

private func loadCertificate(name: String, password: String?) throws -> (identity: SecIdentity, certificate: SecCertificate) {
    let path = Bundle.main.path(forResource: name, ofType: "p12")!
    let data = NSData(contentsOfFile: path)!
    let certificate = SecCertificateCreateWithData(nil, data)!

    let options = [String(kSecImportExportPassphrase):password ?? ""]
    var items: CFArray? = nil
    let result = SecPKCS12Import(data, options as CFDictionary, &items)

    if (result != errSecSuccess) {
        throw RuntimeError("Cannot Import Certificte")
    }

    let info = (items! as NSArray).firstObject! as! NSDictionary
    let identity = info[String(kSecImportItemIdentity)] as! SecIdentity
    return (identity, certificate)
}

Then:

let info = try loadCertificate(name: "MyCertificate", password: "Password..")
let credentials = URLCredential(identity: info.identity, certificates: [info.certificate], persistence: .forSession)