Hi ,
my Webserver has a simple self sign Certificate,for each URLRequest first check my certificate with local cert file on my Device and allow or reject the Request,
so it works in beta 1-5 of any Version of Xcode 8 with no Problems .
But In Xcode beta 6 the delegate function didReceive challenge not called and get error with code: NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)
here my Info.plist contains this
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
<key>NSExceptionDomains</key>
<dict>
<key>www.mydomain.com</key>
<dict>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<false/>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.2</string>
</dict>
</dict>
</dict>
here my functions,my Class use the URLSessionDelegate Protocol
call my Website
private func callWebSite(reqURL : String ){
// reqURL contains like this <<< https://mywebsite.com/someSite.php >>>
let config = URLSessionConfiguration.default
let sess = URLSession(configuration: config, delegate: self, delegateQueue: OperationQueue.main)
let request = NSMutableURLRequest(url: URL(string: reqURL)!)
let sessionTask = sess.dataTask(with: request as URLRequest) { (data, resp, err) in
let response = (resp as? HTTPURLResponse)
// only receive 200 responseCode
if response?.statusCode == 200{
self.websiteCallisValid = true
self.resultData = data!
// do some Stuff with resultData and check called Website
self.prepareResultFromWebsite(reqURL: reqURL)
}
else{
self.websiteCallisValid = false
}
}
sessionTask.resume()
}
// delegate function
// delegate gets NOT called with Xcode beta 6
// but called with no Problems with Xcode <= Xcode beta 5
< private >( private is new with beta 6) func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust) {
repeat {
if let serverTrust = challenge.protectionSpace.serverTrust {
var secresult = SecTrustResultType.invalid
let status = SecTrustEvaluate(serverTrust, &secresult)
if(errSecSuccess == status) {
if let serverCertificate = SecTrustGetCertificateAtIndex(serverTrust, 0) {
if let serverCertificateData = SecCertificateCopyData(serverCertificate) as? CFData {
let data = CFDataGetBytePtr(serverCertificateData);
let size = CFDataGetLength(serverCertificateData);
let cert1 = NSData(bytes: data, length: size)
let file_der = Bundle.main.path(forResource: "myCertFileOnMyDevice", ofType: "cer")
if let file = file_der {
if let cert2 = NSData(contentsOfFile: file) {
if cert1.isEqual(to: cert2 as Data) {
completionHandler(.useCredential, URLCredential.init(trust: serverTrust))
return
}
}
}
}
}
}
}
} while(false)
}
/
completionHandler(.cancelAuthenticationChallenge, nil)
}
Thanks...