In order to trust a self-signed certificate on macOS I've implemented the following URLSessionDelegate
handler:
func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
// trust certificate
let cred = challenge.protectionSpace.serverTrust.map { URLCredential(trust: $0) }
completionHandler(.useCredential, cred)
}
When compiling for Linux, I found that serverTrust
is not available:
/package/Sources/ResterCore/Request.swift:255:38: error: value of type 'URLProtectionSpace' has no member 'serverTrust'
I was hoping to perhaps create the required credential without serverTrust
but other ways to create a URLCredential
are also unvailable:
// TODO: We have no implementation for Security.framework primitive types SecIdentity and SecTrust yet
Does anyone know of a way to work around this on Linux? I.e. is there a way to accept a self-signed certificate on Linux via URLSession
?
Any pointers greatly appreciated!
1 Like
Did you ever figure this out? Stuck in this same problem 3 years later :p
Jon_Shier
(Jon Shier)
3
Nope, nothing has changed in this regard. URLSession
in swift-corelibs-foundation
remains woefully incomplete.
welp, guess I'll just invoke curl behind the scenes
Sadly not. I simply disabled that functionality on Linux.
zunda
(zunda)
7
@finestructure
I am facing same issue.
What do you disable on Linux?
I disabled support for self-signed certificates at the time (this was five years ago).
zunda
(zunda)
9
@finestructure
thanks I will try.
FYI, I have currently the same issue (TLS client certificate authentication on Linux platform).
I have worked on a potential support for Swift Foundation: URLSession: Added support for client certificate authentication for non MacOS platforms by oliviermartin · Pull Request #4937 · apple/swift-corelibs-foundation · GitHub
This support has limitation (private key cannot be stored in some secure storage) but it enables some use cases.
cc: @zunda
zunda
(zunda)
11
@oliviermartin
Great job! I hope this pull request gets merged!