Does not work with skipped certificate validation

[tomassliz]

I have to use server with invalid SSL certificate for development. So I set up Alamofire manager to skipping SSL verification with this code (applicable for NSURLSession too):

manager.delegate.sessionDidReceiveChallenge = { session, challenge in
    if challenge.protectionSpace.authenticationMethod == "NSURLAuthenticationMethodServerTrust" {
        return (.UseCredential, NSURLCredential(forTrust: challenge.protectionSpace.serverTrust))
    }

    return (.PerformDefaultHandling, nil)
}

When I try to use your library with this setup, communication is interrupted and this line is printed out:

NSURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9814)

So is possible to use your library with skipped certificate verification?

[akashivskyy]

Not yet. There were plans to implement this, but they didn't make it to the 0.1 release.

We'll focus on that in the next iteration (and you can contribute as well, if you'd like). :wink:

[tomassliz]

I would like to contribute but I don't know how to implement this. Alamofire solved this with own block property. But when you do the same, where should be then the right place for setting up this block? In your library or in Alamofire? I don't know.

[akashivskyy]

I think the best way would be to use the underlying implementation that exists in NSURLSession's delegate (so there's no need to duplicate your code).

But there's no easy way of accessing it, because NSURLProtocol only receives NSURLRequest, without the information of which session is responsible for it. :confused: