Bypass “The certificate for this server is invalid” issue on Ionic 5. Works with WKWebview — Solution April 2021

Lately, i was provided with API endpoints with a self signed certificate. This was being used in development environment. Every time i use these endpoints i get this error

The certificate for this server is invalid. You might be connecting to a server that is pretending to be “examplesite.com” which could put your confidential information at risk.

Solution:

- (void)webView:(WKWebView *)webView didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler {
  NSLog(@"Allowing all");
  SecTrustRef serverTrust = challenge.protectionSpace.serverTrust;
  CFDataRef exceptions = SecTrustCopyExceptions (serverTrust);
  SecTrustSetExceptions (serverTrust, exceptions);
  CFRelease (exceptions);
  completionHandler (NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:serverTrust]);
}

Add the above code to

platforms⁩ ▸ ⁨ios⁩ ▸ youAppName ▸ ⁨Plugins⁩ ▸ ⁨cordova-plugin-ionic-webview⁩ ▸ CDVWKWebViewEngine.m

I was fairly new to native code, so i did mistakes in pasting the code. what worked for me was pasting it after @implementation CDVWKWebViewEngine

And then, add this in info.plist

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>

If you are not finding info.plist, add in your config.xml file inside <platform name="ios">

<config-file file="*-Info.plist" mode="merge" target="NSAppTransportSecurity">
<dict>
<key>NSAllowsArbitraryLoads</key>
<false />
</dict>
</config-file>

And dont forget to rebuild.