iOS: Pre-Install SSL Certificate in Keychain - Programmatically

How do I programmatically import a certificate into my iOS app's keychain and pass the identity to a server when needed?

The following code should do the trick:

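// Build the attribute dictionary: kSecValueRef carries the SecIdentityRef to store.
NSMutableDictionary *secIdentityParams = [[NSMutableDictionary alloc] init];
[secIdentityParams setObject:(id)myIdentity forKey:(id)kSecValueRef];
// status is errSecSuccess on success, errSecDuplicateItem if the identity is already stored.
OSStatus status = SecItemAdd((CFDictionaryRef) secIdentityParams, NULL);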

You interact with the Keychain by passing in a dictionary of key-value pairs that you want to find or create. Each key represents a search option or an attribute of the item in the keychain.
Keys are pre-defined constants that you must use depending on the type of data to be stored.
Those keys can be found in Apple's developer doc.

I think Apple's source code is indeed missing the allocation of persistentRef. They should have added such a declaration at the beginning of the method:

NSData *persistentRef = nil; 

Note that use of a persistent reference is not mandatory. The above code should work just fine. As Apple explains it well:

Because a persistent reference remains valid between invocations of
your program and can be stored on disk, you can use one to make it
easier to find a keychain item that you will need repeatedly

Source: https://developer.apple.com/library/ios/#documentation/Security/Conceptual/CertKeyTrustProgGuide/iPhone_Tasks/iPhone_Tasks.html#//apple_ref/doc/uid/TP40001358-CH208-DontLinkElementID_10

How to use NSURLConnection to connect with SSL for an untrusted cert?

There is a supported API for accomplishing this! Add something like this to your NSURLConnection delegate:

- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {
    // Only handle server-trust (certificate) challenges ourselves.
    return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
    // Accept the server's certificate only for hosts listed in trustedHosts.
    if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust] &&
        [trustedHosts containsObject:challenge.protectionSpace.host]) {
        [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
        return; // respond to the challenge exactly once
    }

    [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}

Note that connection:didReceiveAuthenticationChallenge: can send its message to challenge.sender (much) later, after presenting a dialog box to the user if necessary, etc.
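
A stricter variant of the delegate above, added here as an example and not part of the original answer: instead of accepting whatever certificate a host in trustedHosts presents, it evaluates the server's chain against a CA certificate shipped in the app bundle and cancels on mismatch. The class name PinnedDelegate, the helper ChainMatchesBundledAnchor and the resource name server-ca.cer are assumptions; the code assumes ARC and iOS 12 or later.

```objc
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Hypothetical delegate; compile with ARC, iOS 12+ for SecTrustEvaluateWithError.
@interface PinnedDelegate : NSObject <NSURLConnectionDelegate>
@property (nonatomic, copy) NSSet *trustedHosts;   // hosts served with the private CA
@end

@implementation PinnedDelegate

// YES only if the chain validates for `host` against the bundled anchor.
// "server-ca.cer" (DER encoded) is an assumed resource name.
static BOOL ChainMatchesBundledAnchor(SecTrustRef trust, NSString *host) {
    NSString *path = [[NSBundle mainBundle] pathForResource:@"server-ca" ofType:@"cer"];
    NSData *der = path ? [NSData dataWithContentsOfFile:path] : nil;
    if (der == nil) return NO;
    id anchor = CFBridgingRelease(SecCertificateCreateWithData(NULL, (__bridge CFDataRef)der));
    if (anchor == nil) return NO;                    // file was not a DER certificate

    // Check the certificate against the host name we connected to.
    SecPolicyRef policy = SecPolicyCreateSSL(true, (__bridge CFStringRef)host);
    if (policy == NULL) return NO;
    OSStatus status = SecTrustSetPolicies(trust, policy);
    CFRelease(policy);
    // Setting custom anchors also stops the system root store being trusted.
    if (status == errSecSuccess)
        status = SecTrustSetAnchorCertificates(trust, (__bridge CFArrayRef)@[anchor]);
    return status == errSecSuccess && SecTrustEvaluateWithError(trust, NULL);
}

- (BOOL)connection:(NSURLConnection *)connection
        canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)space {
    return [space.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}

- (void)connection:(NSURLConnection *)connection
        didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
    NSURLProtectionSpace *space = challenge.protectionSpace;
    if ([space.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust] &&
        [self.trustedHosts containsObject:space.host]) {
        if (ChainMatchesBundledAnchor(space.serverTrust, space.host)) {
            [challenge.sender useCredential:[NSURLCredential credentialForTrust:space.serverTrust]
                 forAuthenticationChallenge:challenge];
        } else {
            [challenge.sender cancelAuthenticationChallenge:challenge];  // mismatch: fail closed
        }
        return;
    }
    [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}
@end
```

SecTrustEvaluateWithError can block on network access, so in an app the evaluation is better run off the main thread, answering challenge.sender once it completes.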


