Instance Method

evaluateTrust(for:peerCertificateChain:completionHandler:)

Override the default trust evaluation for the connection

Declaration

optional func evaluateTrust(for connection: NWTCPConnection, peerCertificateChain: [Any], completionHandler completion: @escaping (SecTrust) -> Void)

Parameters

connection

The connection sending this message

peerCertificateChain

The connection peer’s certificate chain

completionHandler

The completion handler for passing the SecTrust object to the connection. The SecTrustRef object trust is required and must not be nil. It will be evaluated using SecTrustEvaluate(_:_:) if necessary.

The caller is responsible for keeping the argument object valid for the duration of the completion handler invocation.

Discussion

The caller can implement this optional protocol method to set up custom policies for peer certificate trust evaluation. If the delegate method is implemented, the caller is responsible for creating and setting up the SecTrust object and passing it to the completion handler. Otherwise, the default trust evaluation policy is used for the connection.

See Also

Delegate Methods

func shouldEvaluateTrust(for: NWTCPConnection) -> Bool

Indicate that the delegate should override the default trust evaluation for the connection

func shouldProvideIdentity(for: NWTCPConnection) -> Bool

Indicate that the delegate can provide an identity for the connection authentication

func provideIdentity(for: NWTCPConnection, completionHandler: (SecIdentity, [Any]) -> Void)

Provide the identity and an optional certificate chain to be used for authentication