I am creating a Session manager using a shared instance as below:
class Session {
static let sharedInstance = Session()
private var manager : SessionManager?
func ApiManager()->SessionManager{
if let m = self.manager{
return m
}else{
let serverTrustPolicies: [String: ServerTrustPolicy] = [
"https:api-cat.example.com": .pinPublicKeys(
publicKeys:savePublicKeys(),
validateCertificateChain:true,
validateHost:true
)]
self.manager = SessionManager(
serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies))
return self.manager!
}
}}
where savePublicKeys returns [SecKey].
Even after setting the new ServerTrustPolicy with an empty public key array, I am still able to make successful calls and get data. Any ideas if I am making any mistake here?
Your "https:api-cat.payeezy.com" looks fishy.
Either remove the https:-part or add the missing double slash https://. The ServerTrustPolicyManager only applies the policy when its host property matches the request's host, if those don't match, Apple's standard behavior is used (See Alamofire Documentation).