I'd like to bypass certificate validation using Alamofire 5 and Swift 4. I'm using Alamofire to connect to a server with a self-signed certificate. This is similar to this question Alamofire with a self-signed certificate / ServerTrustPolicy, but the answers are for previous Alamofire versions and it's not clear to me how to apply this approach to version 5. Does anyone know how to implement this in Alamofire 5?
Asked
Active
Viewed 3,715 times
1 Answers
7
It's very similar in Alamofire 5 but ServerTrustPolicy has been refactored into a protocol with conforming types for better extensibility. Similar to the answer you linked, you'll need to create a ServerTrustManager for your domain:
let manager = ServerTrustManager(evaluators: ["your.domain.here": DisabledTrustEvaluator()])
let session = Session(serverTrustManager: manager)
Of course, you'll still need to add ATS exceptions for your domains as well.
Additionally, you should never ship code that uses the DisabledTrustEvaluator, as it would allow all invalid TLS connections.
Jon Shier
- 12,200
- 3
- 35
- 37
-
How would you do this in a permanent way without trust disabled making ios networking evaluate the self signed certificate and the key? I have a bountied question here to capture your fancy https://stackoverflow.com/questions/63846061/ios-alamofire-certificate-pinning-with-a-private-key – Anton Tropashko Sep 14 '20 at 07:28
-
DisabledEvaluator has been deprecated, the new name is DisabledTrustEvaluator – Tamás Sengel May 08 '22 at 09:59