How can I connect to my server over HTTPS using a self-signed certificate file? #977

Closed
dickwu opened this issue Dec 24, 2015 · 4 comments
@dickwu

dickwu commented Dec 24, 2015

I set up a web server on localhost with a self-signed certificate file, but I can't POST data to the server over HTTPS.

    let serverTrustPolicies: [String: ServerTrustPolicy] = [
        "localhost": .PinCertificates(
            certificates: ServerTrustPolicy.certificatesInBundle(),
            validateCertificateChain: true,
            validateHost: true
        ),
        "insecure.expired-apis.com": .DisableEvaluation
    ]

    let manager = Manager(
        serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
    )

    manager.request(.POST, "https://localhost/index.php", parameters: nil).responseString { (response) -> Void in
        print(response.result.value)
    }

The printed result is nil.

@ntnmrndn
Contributor

validateCertificateChain: true, => Change it to false.

You should try asking this kind of question on Stack Overflow (as instructed in the README).
By the way, you should also get a real certificate, especially since you have a free option with https://letsencrypt.org

@dickwu
Author

dickwu commented Dec 25, 2015

I overrode NSURLSessionDelegate as shown below (changing `validateCertificateChain: true` to `false` was not useful):

    func URLSession(session: NSURLSession, didReceiveChallenge challenge: NSURLAuthenticationChallenge, completionHandler: (NSURLSessionAuthChallengeDisposition, NSURLCredential?) -> Void) {
        if let localCertificateData = self.localCertData { // NSData
            if let serverTrust = challenge.protectionSpace.serverTrust,
                certificate = SecTrustGetCertificateAtIndex(serverTrust, 0),
                remoteCertificateData: NSData = SecCertificateCopyData(certificate) {
                // Compare the server's leaf certificate byte-for-byte with the local copy.
                if localCertificateData.isEqualToData(remoteCertificateData) {
                    let credential = NSURLCredential(forTrust: serverTrust)
                    challenge.sender?.useCredential(credential, forAuthenticationChallenge: challenge)
                    completionHandler(NSURLSessionAuthChallengeDisposition.UseCredential, credential)
                } else {
                    challenge.sender?.cancelAuthenticationChallenge(challenge)
                    completionHandler(NSURLSessionAuthChallengeDisposition.CancelAuthenticationChallenge, nil)
                    self.sSLValidateErrorCallBack?() // a block
                }
            } else {
                NSLog("Get RemoteCertificateData or LocalCertificateData error!")
                // The completion handler must be called on every path, so reject the challenge here.
                completionHandler(NSURLSessionAuthChallengeDisposition.CancelAuthenticationChallenge, nil)
            }
        } else {
            completionHandler(NSURLSessionAuthChallengeDisposition.UseCredential, nil)
        }
    }
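
The delegate-based pinning attempted in the comment above, as an added example that is not part of the original issue and not Alamofire's own code. It is written with current Swift and Security framework names rather than the Swift 2 syntax used in this thread, and goes one step further than a byte comparison: the pinned certificate becomes the only trust anchor, and the hostname is still checked. The class name `PinnedCertificateDelegate` and the way the DER data is supplied are assumptions.

```swift
import Foundation
import Security

// Hypothetical delegate: trusts only the DER certificate handed to init
// (for example a self-signed development certificate shipped in the app bundle).
final class PinnedCertificateDelegate: NSObject, URLSessionDelegate {
    private let pinnedCertificate: SecCertificate

    init?(derData: Data) {
        // Returns nil when the data is not a valid DER-encoded X.509 certificate.
        guard let cert = SecCertificateCreateWithData(nil, derData as CFData) else { return nil }
        pinnedCertificate = cert
        super.init()
    }

    func urlSession(_ session: URLSession,
                    didReceive challenge: URLAuthenticationChallenge,
                    completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
        // Only server-trust challenges are handled here; any other challenge
        // type takes the system's default path.
        guard challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust,
              let serverTrust = challenge.protectionSpace.serverTrust else {
            completionHandler(.performDefaultHandling, nil)
            return
        }

        // Evaluate with the TLS server policy for the requested host, using the
        // pinned certificate as the only acceptable anchor.
        let policy = SecPolicyCreateSSL(true, challenge.protectionSpace.host as CFString)
        let configured = SecTrustSetPolicies(serverTrust, policy) == errSecSuccess
            && SecTrustSetAnchorCertificates(serverTrust, [pinnedCertificate] as CFArray) == errSecSuccess
            && SecTrustSetAnchorCertificatesOnly(serverTrust, true) == errSecSuccess

        var error: CFError?
        if configured && SecTrustEvaluateWithError(serverTrust, &error) {
            completionHandler(.useCredential, URLCredential(trust: serverTrust))
        } else {
            // Fail closed; every path calls the completion handler exactly once.
            completionHandler(.cancelAuthenticationChallenge, nil)
        }
    }
}
```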

@davepatterson

Did you ever figure this out? I had a similar issue and it was caused by my not declaring manager globally. The following declaration of manager fixed it for me:

    class AppTests: XCTestCase {
        // Stored property, so the manager lives as long as the test case does.
        let manager: Alamofire.Manager = {
            let serverTrustPolicies: [String: ServerTrustPolicy] = [
                "yourdomain.com": .DisableEvaluation
            ]

            let configuration = NSURLSessionConfiguration.defaultSessionConfiguration()
            configuration.HTTPAdditionalHeaders = Alamofire.Manager.defaultHTTPHeaders

            return Alamofire.Manager(
                configuration: configuration,
                serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
            )
        }()
    }

Also, @dickwu, for future reference, I recommend that you prepend each line of your code with four spaces so that it is easier to read. Doing so is how I achieved the code display that you see above.

@cnoon
Member

cnoon commented Jan 3, 2016

Hi @dickwu,

My guess at this point is that you're getting bit by ATS. Here's a few tips:

  • Check out our documentation in the README. This will most likely fix up your issue.
  • Dig through all the info in Self-Signed Certificate not accepted #876. There's a TON of great info in that issue about ATS and how to wield it.
  • Finally, you should stop using self-signed certs. Check out Let's Encrypt like @ntnmrndn mentioned. 👍🏼

If you still cannot figure it out, I'd suggest opening a question on Stack Overflow.

Best of luck! 🍻
