EddyVerbruggen / SSLCertificateChecker-PhoneGap-Plugin

:passport_control: Prevent Man in the Middle attacks with this Cordova plugin

Not checking fingerprint; never seems to call willSendRequestForAuthenticationChallenge method

larryjkl opened this issue · comments

Not sure what is going on, but it seems very odd. When stepping through the code in the simulator with version 5 of the plugin and an iOS 10.2 simulator, the method above doesn't seem to be called. I've stopped and started the simulator, rebuilt the app, and waited over 3-4 hours, but it never seems to go into the method and check the fingerprints, so it just continues on.

Does anyone have any idea what might be going on? Sadly I'm getting flak because my app doesn't seem to be checking the fingerprint of our cert : /

Thanks in advance

Okay, I think I figured it out. In case it helps someone I'm putting it here:

It looks like, at least with the above scenario, you need to make sure you are checking the certificate on the first call to the host, because the way iOS seems to be caching the SSL connections, the willSendRequestForAuthenticationChallenge method only gets executed on the first call to the host, not on any of the subsequent calls (at least for a while, it seems).

So if you are not checking the cert on the first call, but then are checking on the next call to the same host shortly thereafter (I know, but I did have a good reason), you appear to be screwed, because it caches the connection on the first call and doesn't call the above method on the following ones.

I guess my use case is fairly unique because I couldn't find much help out there diagnosing it, although there were a few clues out there. Closing this (non)-issue.
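
One way to enforce the ordering described in this thread on the JavaScript side, as an added example that is not part of the issue or the plugin's own code: a per-host gate that runs the fingerprint check before any other request to that host is sent, and fails closed otherwise. `createPinGate`, `pins` and `NO_PIN_CONFIGURED` are hypothetical names; the injected `check` function is assumed to take `(onSuccess, onError, serverUrl, fingerprint)`, the shape of the plugin's `window.plugins.sslCertificateChecker.check`.

```javascript
// Added example: per-host gate so the fingerprint check is always the first
// call to a host. `check` is injected and assumed to have the shape
// check(onSuccess, onError, serverUrl, fingerprint).
// `pins` maps host -> expected fingerprint (values here are placeholders).
function createPinGate(check, pins) {
  const state = {}; // host -> { status: 'pending' | 'ok' | 'failed', queue, error }

  // Record the check result and release (or reject) everything that waited.
  function settle(host, status, error) {
    const entry = state[host];
    entry.status = status;
    entry.error = error;
    const waiting = entry.queue;
    entry.queue = [];
    waiting.forEach(function (w) {
      if (status === 'ok') w.send(); else w.fail(error);
    });
  }

  // send: performs the real request. fail: called instead if the check fails.
  return function request(url, send, fail) {
    const host = new URL(url).host;
    const pin = pins[host];
    if (!pin) { fail('NO_PIN_CONFIGURED'); return; } // unknown host: fail closed
    const entry = state[host];
    if (entry && entry.status === 'ok') { send(); return; }
    if (entry && entry.status === 'failed') { fail(entry.error); return; }
    if (entry) { entry.queue.push({ send: send, fail: fail }); return; } // check in flight
    // First request to this host: queue it and run the fingerprint check first.
    state[host] = { status: 'pending', queue: [{ send: send, fail: fail }] };
    check(
      function () { settle(host, 'ok'); },
      function (msg) { settle(host, 'failed', msg); },
      'https://' + host,
      pin
    );
  };
}
```

In an app, `check` would be a thin wrapper around the plugin call, and every request to a pinned host would go through the returned `request` function.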