My question is: is there a way to use the installed identity certificates on the phone from within my app. For example similar case like with Safari: if certain site requires client certificate, the user has to install it on the phone and then when authenticating Safari uses the installed certificate to authenticate. I need to do the same:
User installs certificate on the phone.
The user starts the application and authenticates using the installed certificate.
Thanks
I assume you mean authenticate an NSURLConnection to a specific server? I think you can do this if get into some of the lower level CF calls. Not sure, but this might help: Does SecTrustEvaluate() look for root certificates in the application keychain?
Related
I have created a build which works fine in my system by when I share it with my team they get certificate issue while installing app. Either you need a new certificate installed for this app package, or you need a new app package with trusted certificates. Your system administrator or the app developer can help. A certificate chain processed, but terminated in a root certificate which isn't trusted (0x800B0109)
What are the ways by which, I can share build with my team before publishing it.
Note:Certificates cannot be attached in most of email client.
In order for others to deploy your .appx or .MSIX, the app must be signed, and the users must trust the certificate you used to sign it.
While developing your app you can use a test certificate that your team agrees to trust.
I want my App to support Push Notification, and I do as below:
Generate CSR file
Create an App ID and enable Push Notification
Create Development SSL Certificate for the App ID, using CSR file created in step 1
Create Provisioning file
The problem is, in step 4, I cannot select the certificate created in step 3. Is there anything wrong in my steps?
Thanks.
No you can't select push SSL Certificate while creating provisioning profile. Just select developer Or Distribution certificate.
Upload push SSL certificate in server that provide push service...ex: parse, arban airship. Its optional.
You can't select the SSL certificate just because you don't have to.
The provisioning profile is not related to the push certificate, but to the App ID, that's where you have set your app to use the APN service.
The SSL certificate must be uploaded on your server so it can be identified as your app server when making calls to Apple. You just need to download it, open it in your keychain and then usually export it and upload it on your server.
It's quite simple, just be sure to sign your app with a development provisioning profile when you are using a development push certificate on your server (making calls to apple sandbox server), and a distribution profile when you are using a production certificate.
If you are still getting problems take a look at this guide, it's from quickblox, but the part related to the Apple portal it's the same independently form the server or the service you are using to generate notification and it's really well explained.
follow this it might help you,
http://www.raywenderlich.com/3443/apple-push-notification-services-tutorial-part-12
I also followed all the tutorials mentioned above. I had the same issue with 'step 4'.
What I found out is that I cannot create a provisioning profile manually (using THE certificate). It automatically generates it for me once my Xcode 5 synchronizes with my AppId which was created by myself. So I would like to suggest that you wait a few minutes after you pressing the 'fix issue' button from the general tab. (BTW, I am new to IOS developer.)
I'd like to test an application on the iphone simulator which connects to a service using a certificate which is signed by our own CA. I can do this on the actual device by adding a provisioning profile which has the CA certificate. I had thought that having the CA certificate in the standard OSX keychain would work, but it doesn't.
So I can access the service via Safari without warning, but I get error when trying to run things in simulator.
The crypto api's are unavailable to the simulator. I think someone at apple was smoking crack when they made this decision because i fail to see how having an iPhone changes the out come of a cryptographic algorithm. Never the less in order to develop with these systems you'll need an iphone or ipod touch.
This link worked for me
canAuthenticateAgainstProtectionSpace method set to return yes.
NOTE: this will accept any certificate so should be removed for production releases: ie: ONLY for testing
It seems to work okay when I point the emulator at one of our live servers which a use a 'real' certificate. But I've just been getting 1200 errors trying to get the emulator to talk to a local test server I set up this morning.
So there must be crypto libraries there (or our app wouldn't talk to the live servers with real certificates), but there certainly seems to be a problem with self-signed certs.
previously i had configured my app id for development push notifications it was working fine.
But now i have changed my appid and i have followed the same procedure as stated in the apple docs and i have put newly generated .p12 file on the server side but i am not getting the push to my device now.
i have a doubt for an apple id i generate both development and production ssl certificates and in programme portal both environments shows green balls.
i have created development provision profile after doing as said above. in the sever side do i need to point to production ssl or development ssl for testing.
can anybody have any idea about this
It depends which server are you contacting.
If you are testing on the development side, you have to send requests to the sandbox (gateway.sandbox.push.apple.com) using the appropriate SSL certificate and the appropriated Device Token.
If you are on production/release mode, you have to use the correspondent info.
Another thing that you have to keep in mind is that, for each certificate you have to register your device for push notifications, and if you change the provisioning profile, you have to do everything again, because the Device Token will be different.
Cheers,
VFN
Make sure that the device which you are testing doesn't have both the development profile and the distribution profile. Only distribution (adhoc) profile must be there.
I develop an iPhone framework which sends HTTPS requests in order to communicate with a publicly available backend server. Currently I have a big problem regarding untrusted server certificates.
The certificate of the backend server is not signed by a trusted CA, so my first approach was to use NSURLRequest's private allowsAnyHTTPSCertificateForHost. While this worked as expected and was fine as temporary workaround, our customer demands a clean solution as final result. Therefore I wrote a method which allows to install a provided certificate from the file system in the keychain, but this method does not work as expected in the iPhone Simulator. The certificate is installed in the host machine's Mac OS X keychain instead. Unfortunately, if I call NSURLConnection's sendSynchronousRequest method, I retrieve an "untrusted server certificate" error. It seems as if NSURLConnection is not able to access the host's Mac OS X keychain to retrieve the certificate.
Is my guess correct or did I miss something?
Would my approach work if I ran my app on a real iPhone device instead (I do not have one available yet)?
Does there exist a keychain in the iPhone Simulator at all?
Is it at all possible to send HTTPS requests to a server with an untrusted certificate on the iPhone Simulator or do I have to use precompiler directives to implement different routines depending on the underlying platform (simulator or device, respectively)?
Any help is highly appreciated.
Thanks,
Matthias
You can get free trusted SSL certificates at http://startssl.com
Perhaps the ASIHTTPRequest library can help with that?
Yes agree with Beat Bolli but i have done this by NSURL request.may be you are skipping spmething.