I have two requirements as follows.
I have a requirement in my iPhone App that the SSL certificate details of the https enabled webpage should be read and stored into my app. This could be done in background process or at the time of loading the webpage in UIWebView controller. Is it possible? If so, can you please provide the Objective-C code to get the details.
Is it possible to verify the Extended Validation(EV) certificate of a https enabled webpage? If so, please provide the Objective-C code for this.
Many thanks in advance.
Mahesh
Sadly, the answer to 1 is that you cannot do it. There is no way to provision a SSL certificate to any keychain access list (other than the Apple one) other than including it in the bundle. See my related question:
Finding a certificate on iOS
Related
My mobile app needs to connect to a server with self-signed certificate only. Is it possible to do this? Because the app is built using codenameone, there are many Java classes missing and thus I can't use normal Java solution.
The app needs to be run in both iOS and Android.
Thanks for any suggestions.
At this time this isn't supported since Codename One uses the native connection API's on the various platforms (e.g. NSUrl on iOS so this can't be implemented there.
In fact Apple recently limited the ability to access non-https URLs so even if this was added it might trigger an issue with Apple's future policies.
Since valid certificates can be purchased for 5USD the motivation in using self signed certificates is much lower than it used to be in the past.
The app I am currently working on requires the use of Configuration Profiles in order to connect to a server to download XML. The certificates are distributed in the form of .p12 files, and they can be installed in the settings app in the iPhone like the bottom-left image.
The problem is that all over the internet people are saying that this is impossible.
HOWEVER, Junos Pulse can do this(bottom-right image).
It is only reading the Configuration Profiles which is exactly what I need.
I did not have to install them into the Junos Pulse app. Adding them to the system, and launching the app is enough for my profiles to be recognized.
Thanks for your help :)
The reason the Junos app is able to do this has been explained in a post in the Apple Developer Forums.
Original Question: https://devforums.apple.com/message/660579#660579
Explanation about Junos app: https://devforums.apple.com/message/351326#351326
To sum it up, access to this is not provided in the SDK and is by invitation from Apple only.
You won't. Your application is sandboxed, read the iOS App Programming Guide. Developer profiles are not public information for applications to access.
I am not sure what you are trying to accomplish, but the iOS Keychain services allows you to store and retrieve certificates and keys in a (supposedly) secure way. I have not used the API for other than storing passwords, so I cannot say how it works with certificates, but according to the docs it might work for you.
In particular, have a look at the SecItemCopyMatching function.
We are developing an iPhone app, and we have one client who wants to use their own SSL certificate bundle. As far as I know this is not possible since the app can't access the device cert (assuming the client just install their own bundles on each of their device). Other option is to submit a whole different app just for them, but that's not a good solution and I am trying to avoid that.
Does anyone have experience with this sorts of problems? I tried to google around but could not find anything.
Any help or direction would be much appreciated!
I am developing an application that will use a personal client certificate to verify the user's identity. The user will be issued the certificate from their company/organization, and will then have to install it on the phone somehow.
So my question is this: is it better for them to install it in the phone's built in storage, and the app would pull this cert from the OS, OR have the user add the cert to the application's doc folder via iTunes and load it from there?
The advantage of the cert being in the doc folder is that it's easy to locate an load into the app, but I'm not sure if that is considered "best practice."
Is there anyone out there who has actually done client certificates who can offer their input on the matter?
Through my research I have discovered that Apple does not support client certificates/PKI at this time. However if someone finds a work around, or if Apple adds this feature, please post your information here.
I've a trouble finding it in documentation. So the thing is simple. I'd like to install the SSL certificate in order to communicate with the server. That's very typical if you browse the site and you have the warning about the certificate and you can accept it or not.
On the iPhone, while using safari it usually takes user to the settings with preloaded screen asking my to install the certificate.
The thing is I want to use the certificate to communicate with the server on production version. And there will be no browser, but typical table loading the rows from the XML/JSON etc. I don't want to tell the code to generally allow untrusted certificates. I just want to preinstall that one, either by user acceptance or without it if not necessary.
I know the workaround to simply mail the certificate as an attachment, but c'mon, I'm not going to display the screen about this during my application launch.
Thank you in advance
Chris
This should be done via Keychain Services, check documentation at developer.apple.com.
Have a look at the AdvancedURLConnections example from Apple as suggested in this answer.
If possible, I would avoid the hassle and just get a valid certificate signed by a trusted CA.