When testing our iOS app, my team and I need to disable SSL certificate

Question

0

Editorial Team

Asked: May 23, 20262026-05-23T01:28:20+00:00 2026-05-23T01:28:20+00:00

When testing our iOS app, my team and I need to disable SSL certificate

0

When testing our iOS app, my team and I need to disable SSL certificate validation.

At present, we are using a hard-coded #define:

// In Prefix.pch
#define ALLOW_INVALID_SSL_CERTS

// Elsewhere
#ifdef ALLOW_INVALID_SSL_CERTS
// Code to disable SSL certificate validation
#endif

As a result, we have to remember to remove the #define every time we release a new version.

Ideally we would like to find a way to enable a flag in Xcode that would not be checked into source control.

I have discovered that this is possible using application arguments ([[NSProcessInfo processInfo] arguments); however this is potentially exploitable since an attacker could find a way to provide the argument in question to the app before it is launched.

Is there another way to set this up in Xcode?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-23T01:28:21+00:00

Editorial Team

2026-05-23T01:28:21+00:00Added an answer on May 23, 2026 at 1:28 am

Try to set the Other C Flag in your build settings like -DDEBUG=1 in the debug settings and in the release settings set this to -DDEBUG=0. Then in your prefix file define your debug macro like this.

#if DEBUG
#define ALLOW_INVALID_SSL_CERTS 1
#else
#define ALLOW_INVALID_SSL_CERTS 0
#endif

I do it in this way. Here is a screenshot if you want to know where to set the -DDEBUG option.

enter image description here

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

When testing our iOS app, my team and I need to disable SSL certificate

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply