accessing iOS device SSL certificate - iphone

We are developing an iPhone app, and we have one client who wants to use their own SSL certificate bundle. As far as I know this is not possible since the app can't access the device cert (assuming the client just install their own bundles on each of their device). Other option is to submit a whole different app just for them, but that's not a good solution and I am trying to avoid that.
Does anyone have experience with this sorts of problems? I tried to google around but could not find anything.
Any help or direction would be much appreciated!

Related

Trust self-signed certificate in ConnectionRequest of codenameone

My mobile app needs to connect to a server with self-signed certificate only. Is it possible to do this? Because the app is built using codenameone, there are many Java classes missing and thus I can't use normal Java solution.
The app needs to be run in both iOS and Android.
Thanks for any suggestions.
At this time this isn't supported since Codename One uses the native connection API's on the various platforms (e.g. NSUrl on iOS so this can't be implemented there.
In fact Apple recently limited the ability to access non-https URLs so even if this was added it might trigger an issue with Apple's future policies.
Since valid certificates can be purchased for 5USD the motivation in using self signed certificates is much lower than it used to be in the past.

iOS get Configuration Profiles that are installed

The app I am currently working on requires the use of Configuration Profiles in order to connect to a server to download XML. The certificates are distributed in the form of .p12 files, and they can be installed in the settings app in the iPhone like the bottom-left image.
The problem is that all over the internet people are saying that this is impossible.
HOWEVER, Junos Pulse can do this(bottom-right image).
It is only reading the Configuration Profiles which is exactly what I need.
I did not have to install them into the Junos Pulse app. Adding them to the system, and launching the app is enough for my profiles to be recognized.
Thanks for your help :)
The reason the Junos app is able to do this has been explained in a post in the Apple Developer Forums.
Original Question: https://devforums.apple.com/message/660579#660579
Explanation about Junos app: https://devforums.apple.com/message/351326#351326
To sum it up, access to this is not provided in the SDK and is by invitation from Apple only.
You won't. Your application is sandboxed, read the iOS App Programming Guide. Developer profiles are not public information for applications to access.
I am not sure what you are trying to accomplish, but the iOS Keychain services allows you to store and retrieve certificates and keys in a (supposedly) secure way. I have not used the API for other than storing passwords, so I cannot say how it works with certificates, but according to the docs it might work for you.
In particular, have a look at the SecItemCopyMatching function.

IOS Certificate for multiple apps being built at once?

It seems that we have to get a new certificate every time we switch between apps we're working on and want to test them on our phones. My iPhone developer is stuck with this. Is there a way to keep a certificate for multiple apps? Or a way to have more than 1 certificate active at a time? We've got simultaneous projects going on right now and this is a major issue. I'm guessing there is a simple fix we don't know about? (hoping)
You're talking about provisioning profiles, right? Create an App ID with this format: com.YourName.* and then create a provisioning profile from that, and you'll be able to test any app that has a bundle identifier that falls into com.YourName.

Install SSL Certificate straight from the App

I've a trouble finding it in documentation. So the thing is simple. I'd like to install the SSL certificate in order to communicate with the server. That's very typical if you browse the site and you have the warning about the certificate and you can accept it or not.
On the iPhone, while using safari it usually takes user to the settings with preloaded screen asking my to install the certificate.
The thing is I want to use the certificate to communicate with the server on production version. And there will be no browser, but typical table loading the rows from the XML/JSON etc. I don't want to tell the code to generally allow untrusted certificates. I just want to preinstall that one, either by user acceptance or without it if not necessary.
I know the workaround to simply mail the certificate as an attachment, but c'mon, I'm not going to display the screen about this during my application launch.
Thank you in advance
Chris
This should be done via Keychain Services, check documentation at developer.apple.com.
Have a look at the AdvancedURLConnections example from Apple as suggested in this answer.
If possible, I would avoid the hassle and just get a valid certificate signed by a trusted CA.

iPhone:Can one mac be used for two business purpose?

I have a small doubt, so apologies first.
I am creating an iPhone application using my Macbook. I want to upload it into AppStore after some days by creating a developer certificate and use provisioning profile. My friend wants to create his own iPhone application and wants to upload to AppStore for him personally, but he wants to use my same Macbook, but he may create his own dev certificate etc. I hope this is possible. Can we both use a same Macbook to develop different business(myself and my friend's) applications? I'm just curious to ask this doubt.
One more question,
Can we submit an iPhone application into AppStore without having own website page? Is it mandatory to have my own web site page for uploading an application into AppStore?
As long as all of the right pieces are installed, you could definitely share one Mac. You'd need all of the appropriate provisioning profiles installed in XCode, and the private keys / signing certificates used to generate them installed in the Keychain.
Going with separate user accounts might be a good idea, if just so that neither of you gets confused and accidentally builds their app with the other person's profile. But there shouldn't be any technical reason why you couldn't do this with a single user.
You would both need to have different users but apart from that, I can't see a problem.
As far as I know, the certificates and public private keys are per user.
As for the second question, I have no idea, sorry!
For first question:
Sure, it is possible! Its all a matter of creating different Certificate and Provisioning and When you build the project making sure you use the correct certificate to Code Sign!
Second Question:
You don't need a website of your own. I've come across many developers who uses their Blogspot address!
But if you are serious and look serious, get a domain and a simple site :)
Cheers