WKWebView https certificate invalid

Question

Here is the code I use to allow the certificate :

@interface NSURLRequest(DummyInterface)
+ (BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host;
+ (void)setAllowsAnyHTTPSCertificate:(BOOL)allow forHost:(NSString*)host;
@end
@implementation NSURLRequest(DummyInterface)
+ (BOOL)allowsAnyHTTPSCertificateForHost:(NSString *)host
{
  return [host isEqualToString:@"mysite.com"];
}
@end

And I initialize my WKWebView like that :

NSURL *urlReq = [NSURL URLWithString:@"mysite.com"];
NSURLRequest *request = [NSURLRequest requestWithURL:urlReq];
[NSURLRequest setAllowsAnyHTTPSCertificate:YES forHost:[urlReq host]];

WKWebViewConfiguration *theConfiguration = [[WKWebViewConfiguration alloc] init];
mainWebView = [[WKWebView alloc] initWithFrame:self.view.frame configuration:theConfiguration];
[mainWebView setNavigationDelegate:self];
[mainWebView loadRequest:request];

It works great for http website but I have this error using https :

The certificate for this server is invalid. You might be connecting to a server that is pretending to be “mysite.com” which could put your confidential information at risk.

It was working when I was using UIWebView and implementing the function "canAuthenticateAgainstProtectionSpace", but now I don't understand what I have to do.

Am I missing something or WKWebView can't handle HTTPS ?

Answer 1

Try this one, worked for me

- (void)webView:(WKWebView *)webView didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler {
  NSLog(@"Allowing all");
  SecTrustRef serverTrust = challenge.protectionSpace.serverTrust;
  CFDataRef exceptions = SecTrustCopyExceptions (serverTrust);
  SecTrustSetExceptions (serverTrust, exceptions);
  CFRelease (exceptions);
  completionHandler (NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:serverTrust]);
}

And don't forget to add to the Info.plist

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>

Answer 2

This works for me

set webView.navigationDelegate = self

implement

 func webView(_ webView: WKWebView, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
    let trust = challenge.protectionSpace.serverTrust!
    let exceptions = SecTrustCopyExceptions(trust)
    SecTrustSetExceptions(trust, exceptions)
    completionHandler(.useCredential, URLCredential(trust: trust))
}

And add this in plist with domains you want to allow

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>localhost</key>
        <dict>
            <key>NSTemporaryExceptionAllowsInsecureHTTPSLoads</key>
            <false/>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSTemporaryExceptionMinimumTLSVersion</key>
            <string>1.0</string>
            <key>NSTemporaryExceptionRequiresForwardSecrecy</key>
            <false/>
        </dict>
    </dict>
</dict>