I have been trying to implement SSL Pinning for a hybrid app using a plugin which builds the native code for the required functionality.

Inside the generated native project, the Objective-C code includes the following function to read certificate files (X.509 DER .cer) from the www/certificates location.

// AFSecurityPolicy.m    
+ (NSSet *)certificatesInBundle:(NSBundle *)bundle {
        NSArray *paths = [bundle pathsForResourcesOfType:@"cer" inDirectory:@"www/certificates"];
        NSMutableSet *certificates = [NSMutableSet setWithCapacity:[paths count]];

        for (NSString *path in paths) {
            NSData *certificateData = [NSData dataWithContentsOfFile:path];
            [certificates addObject:certificateData];
        }

        return [NSSet setWithSet:certificates];
    }

But due to a known bug in the plugin, this location does not get created automatically (ideally, it should) and I need to manually create the www/certificates location and include my certificate files inside it.

My source file structure looks like below.

ios
|--App
|  |--App.xcodeproj/
|  |--App.xcworkspace/
|  |--Pods/
|  |--public/
|  |--Podfile/
|  |--Podfile.lock
|--capacitor-cordova-ios-plugins
|  |--resources/
|  |--sources
|  | |--AFSecurityPolicy.h
|  | |--AFSecurityPolicy.m
|  | |--......
|  |--CordovaPlugins.podspec
|  |--CordovaPluginsResources.podspec
|  |--CordovaPluginsStatic.podspec

1. Where should I create this www/certificates directory? (I tried the project root level, plugins folder level, resources level etc., but nothing worked)

2. Is there something like scopes/ class paths that I need to care about in Objective-C?

3. Do I need to specify anything in the configuration files for the native app to load those locations?

Disclosure: I am very new to mobile programming and appreciate any sort of help in this regard.