I'm trying to implement SSL pinning in my app. After following all the guides, I got this:
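```objc
// Pin against the certificate bundled with the app.
AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
// Trust servers whose certificate fails default validation (e.g. self-signed).
policy.allowInvalidCertificates = YES;
// Load the local copy of the certificate (my.cer) from the main bundle.
NSData *localCertificate = [NSData dataWithContentsOfFile:[[NSBundle mainBundle] pathForResource:@"my" ofType:@"cer"]];
policy.pinnedCertificates = [[NSSet alloc] initWithObjects:localCertificate, nil];
self.securityPolicy = policy;
```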
"self" is a subclass of AFHTTPSessionManager.

I tested this on two servers.

The first server has my.cer, and when I make a request, the method `URLSession:didReceiveChallenge:completionHandler:` of AFURLSessionManager is called. Then the certificates are compared and everything is okay.

The second server does not have my.cer. When I make requests, `URLSession:didReceiveChallenge:completionHandler:` of AFURLSessionManager is not called and certificate checking does not happen, but I can make requests and get responses.

Is there a way to cancel the request if I did not receive a certificate from the server?

Thanks!
While searching for at least some information, I came across a discussion and found that the NSAllowsArbitraryLoads bit in my info.plist was causing it.
```xml
<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>
```
Deleting this helped me. I hope this will help someone else.