Allow unverified ssl certificate in UIWebview

I'm embedding a website in a UIWebView. During development I have it pointed at localhost. The problem is that whenever it hits a "https://" url it doesn't load. When I load the url in mobile safari I get this popup:

Is there a way to override this with the UIWebView to allow the unverified url?

Solution 1:

If it's just for testing during development you can create a category on NSURLRequest and override the following private method:

#if DEBUG

@implementation NSURLRequest (NSURLRequestWithIgnoreSSL) 

+ (BOOL)allowsAnyHTTPSCertificateForHost:(NSString *)host
{
    return YES;
}

@end

#endif

Just put this anywhere in one of your .m files (e.g. app delegate), or put it in it's own .m file. You don't need a matching header file.

The #if DEBUG is a precaution to prevent you from accidentally leaving it enabled when you submit to Apple, but if you need it to work in a release build then remove that (and make sure you remember to restore it or remove this category before you submit to Apple).

Solution 2:

Swift 3/4 version for Nick Lockwood answer.

This is just for testing/development purposes:

extension NSURLRequest {
    #if DEBUG
    static func allowsAnyHTTPSCertificate(forHost host: String) -> Bool {
        return true
    }
    #endif
}

Solution 3:

Nick's answer will keep your app from being accepted by Apple in the App Store and George's answer will fail to load the remainder of a page that has .css or .js or any other secondary downloads. There is a complete answer here that allows the UIWebView to load pages from a site with an untrusted certificate.