1 Reply
      Latest reply on Aug 23, 2016 7:09 AM by guywithmazda
      sleipn1r Level 1 Level 1 (0 points)

        Hi ,

         

        my Webserver has a simple self sign Certificate,for each URLRequest first check my certificate with local cert file on my Device and allow or reject the Request,

        so it works in beta 1-5 of any Version of Xcode 8 with no Problems .

         

        But In Xcode beta 6 the delegate function didReceive challenge not called and get error with code: NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)



        here my Info.plist contains this

         

        <key>NSAppTransportSecurity</key>

        <dict>

        <key>NSAllowsArbitraryLoads</key>

        <true/>

        <key>NSExceptionDomains</key>

        <dict>

        <key>www.mydomain.com</key>

        <dict>

        <key>NSExceptionAllowsInsecureHTTPLoads</key>

        <false/>

        <key>NSIncludesSubdomains</key>

        <true/>

        <key>NSTemporaryExceptionMinimumTLSVersion</key>

        <string>TLSv1.2</string>

        </dict>

        </dict>

        </dict>


         

        here my functions,my Class use the URLSessionDelegate Protocol

         

        call my Website

         

        private func callWebSite(reqURL : String ){

             

        // reqURL contains like this <<< https://mywebsite.com/someSite.php >>>



                let config = URLSessionConfiguration.default

             

                let sess = URLSession(configuration: config, delegate: self, delegateQueue: OperationQueue.main)

            

                let request = NSMutableURLRequest(url: URL(string: reqURL)!)

             

                let sessionTask = sess.dataTask(with: request as URLRequest) { (data, resp, err) in

                 

                    let response = (resp as? HTTPURLResponse)

                

                     // only receive 200 responseCode


                      if response?.statusCode == 200{

             

                      self.websiteCallisValid = true

             

                        self.resultData = data!


                      // do some Stuff with resultData and check called Website

                        self.prepareResultFromWebsite(reqURL: reqURL)

                     

                    }

                    else{

                     

                        self.websiteCallisValid = false

                     

                    }

                 

                }

             

                sessionTask.resume()

             

            }

         

         

         

         

         

         

        // delegate function

        // delegate gets NOT called with Xcode beta 6

         

        // but called with no Problems with Xcode <= Xcode beta 5

         

         

        < private >( private is new with beta 6) func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {

             

                if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust) {

                    repeat {

                     

                          if let serverTrust = challenge.protectionSpace.serverTrust {

                       

                            var secresult = SecTrustResultType.invalid

                            let status = SecTrustEvaluate(serverTrust, &secresult)

                   

                            if(errSecSuccess == status) {

                                if let serverCertificate = SecTrustGetCertificateAtIndex(serverTrust, 0) {

                                 

                                    if let serverCertificateData = SecCertificateCopyData(serverCertificate) as? CFData {

                                     

                                        let data = CFDataGetBytePtr(serverCertificateData);

                                     

                                        let size = CFDataGetLength(serverCertificateData);

                                     

                                        let cert1 = NSData(bytes: data, length: size)

                                     

                                        let file_der = Bundle.main.path(forResource: "myCertFileOnMyDevice", ofType: "cer")

                                     

                                        if let file = file_der {

                                         

                                            if let cert2 = NSData(contentsOfFile: file) {

                                             

                                                if cert1.isEqual(to: cert2 as Data) {

                                                 

                                                    completionHandler(.useCredential, URLCredential.init(trust: serverTrust))

                                                 

                                                    return

                                                }

                                            }

                                        }

                                    }

                                }

                            }

                        }

                    } while(false)

                }

                /

                completionHandler(.cancelAuthenticationChallenge, nil)

             

            }

         

         

        Thanks...