ServerValidationPolicy

public enum ServerValidationPolicy

How the Realm client should validate the identity of the server for secure connections.

By default, when connecting to MongoDB Realm over HTTPS, Realm will validate the server’s HTTPS certificate using the system trust store and root certificates. For additional protection against man-in-the-middle (MITM) attacks and similar vulnerabilities, you can pin a certificate or public key, and reject all others, even if they are signed by a trusted CA.

none
Perform no validation and accept potentially invalid certificates.

Warning
DO NOT USE THIS OPTION IN PRODUCTION.
Declaration
Swift

case none
Show on GitHub
system
Use the default server trust evaluation based on the system-wide CA store. Any certificate signed by a trusted CA will be accepted.
Declaration
Swift

case system
Show on GitHub
pinCertificate(path:)
Use a specific pinned certificate to validate the server identify.

This will only connect to a server if one of the server certificates matches the certificate stored at the given local path and that certificate has a valid trust chain.

On macOS, the certificate files may be in any of the formats supported by SecItemImport(), including PEM and .cer (see SecExternalFormat for a complete list of possible formats). On iOS and other platforms, only DER .cer files are supported.
Declaration
Swift

case pinCertificate(path: URL)
Show on GitHub

ServerValidationPolicy

Declaration

Declaration

Declaration