How to fix ‘TIC SSL Trust Error’ in iOS?

IKKA - s answer in Swift 4.2 version

extension CustomViewController: URLSessionDelegate {
    func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
        if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodClientCertificate) {
            completionHandler(.rejectProtectionSpace, nil)
        }
        if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust) {
            let credential = URLCredential(trust: challenge.protectionSpace.serverTrust!)
            completionHandler(.useCredential, credential)
        }
    }
}

Swift 5.1

Your class has to comply with URLSessionDelegate and implement the "didReceive Challenge" function.

These Apple Developer pages illustrates the issue and provides a lot of insight on how to securely fix this issue:

Handling an Authentication Challenge

Performing Manual Server Trust Authentication

Here is an example of how to fix this issue for Dev or QA environments:

func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
    #if DEBUG
    if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
        if challenge.protectionSpace.host == "YourTrustedDevOrQaDomain" {
            // At this point you can prevent a domain that is pretending to be a trusted domain by challenging the user to present some credentials or a security mechanism for authentication. 
            if let serverTrust = challenge.protectionSpace.serverTrust {
                let credential = URLCredential(trust: serverTrust)
                completionHandler(URLSession.AuthChallengeDisposition.useCredential, credential)
            }
        }
    }
    #endif
}

The following code works for me. I implemented delegate method for NSURLSessionDelegate (didReceiveChallenge)

NSURLSessionConfiguration *sessionConfiguration = [NSURLSessionConfiguration defaultSessionConfiguration];
NSURLSession *session = [NSURLSession sessionWithConfiguration:sessionConfiguration delegate:self delegateQueue:Nil];
NSURLSessionDataTask *task = [session dataTaskWithRequest:request
                                            completionHandler:^(NSData *data, NSURLResponse *response, NSError *error){
                    //Handle the response
   }];
[task resume];

//NSURLSessionDelegate method

  - (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential *))completionHandler{

      if([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]){
        if([challenge.protectionSpace.host isEqualToString:@"yourdomain.com"]){
          NSURLCredential *credential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
      completionHandler(NSURLSessionAuthChallengeUseCredential,credential);
    }
  }
}

You can input this in Appdelegate.m

Here is the code:

@implementation NSURLRequest(DataController)
   + (BOOL)allowsAnyHTTPSCertificateForHost:(NSString *)host{
   return YES;
}

Tags:

Ios

Objective C

Iphone

Ssl Certificate

Recent Posts