Handling self-signed certificates in URLAuthenticationChallenge on Linux

In order to trust a self-signed certificate on macOS I've implemented the following URLSessionDelegate handler:

func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
    // trust certificate
    let cred = challenge.protectionSpace.serverTrust.map { URLCredential(trust: $0) }
    completionHandler(.useCredential, cred)

When compiling for Linux, I found that serverTrust is not available:

/package/Sources/ResterCore/Request.swift:255:38: error: value of type 'URLProtectionSpace' has no member 'serverTrust'

I was hoping to perhaps create the required credential without serverTrust but other ways to create a URLCredential are also unvailable:

// TODO: We have no implementation for Security.framework primitive types SecIdentity and SecTrust yet

Does anyone know of a way to work around this on Linux? I.e. is there a way to accept a self-signed certificate on Linux via URLSession?

Any pointers greatly appreciated!

1 Like

Did you ever figure this out? Stuck in this same problem 3 years later :p

Nope, nothing has changed in this regard. URLSession in swift-corelibs-foundation remains woefully incomplete.

welp, guess I'll just invoke curl behind the scenes

Sadly not. I simply disabled that functionality on Linux.

I am facing same issue.
What do you disable on Linux?

I disabled support for self-signed certificates at the time (this was five years ago).

thanks I will try.

FYI, I have currently the same issue (TLS client certificate authentication on Linux platform).
I have worked on a potential support for Swift Foundation: URLSession: Added support for client certificate authentication for non MacOS platforms by oliviermartin · Pull Request #4937 · apple/swift-corelibs-foundation · GitHub
This support has limitation (private key cannot be stored in some secure storage) but it enables some use cases.

cc: @zunda

1 Like

Great job! I hope this pull request gets merged!