0

I'm doing a SSL pinning check for a website and I need to tap into the didReceiveAuthenticationChallenge in order to do so. However when I am debugging the application I noticed that the challenge is being called 3 times before finishing and afterwards I end up with NSURLErrorDomainCode=-999.

Small snippet of how my code looks:

  didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
                  completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * _Nullable))completionHandler
{

  SecTrustRef serverTrust = challenge.protectionSpace.serverTrust;
  SecCertificateRef certificate = SecTrustGetCertificateAtIndex(serverTrust, 0);

What I found odd is that on the third attempt the certificate on the bottom line of the snippet, is returning nil. But for the first 2 runs it is returning the same server certificate again.

Is this a normal behaviour from this method? The server only has one certificate installed that I am comparing against. I don't know if it might be relevant to add that I am using the React-Native-Webview solution for my application.

SmalliSax
  • 342
  • 3
  • 6
  • 24
  • How do you set the delegate? – Glenn Posadas Nov 29 '22 at 10:02
  • @Glenn, I'm just calling this method above in a custom Objective-C class that starts in the following way `@interface RCTCustomWebView () @end @implementation RCTCustomWebView {}` I might just add as a sidenote that I just recently picked up this language, or was forced to in order to solve this issue so I might be missing some crucial pieces? – SmalliSax Nov 29 '22 at 10:10

0 Answers0