带有 SSL 客户端证书的 iPhone 应用程序-移动开发问题

IPhone app with SSL client certs(带有 SSL 客户端证书的 iPhone 应用程序)

本文介绍了带有 SSL 客户端证书的 iPhone 应用程序的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在构建一个 iphone 应用程序，该应用程序需要使用客户端证书通过 https 访问 Web 服务.如果我将客户端证书(以 pkcs12 格式)放在应用程序包中，我可以将其加载到应用程序中并进行 https 调用(很大程度上要感谢 stackoverflow.com).

I'm building an iphone app that needs to access a web service over https using client certificates. If I put the client cert (in pkcs12 format) in the app bundle, I'm able to load it into the app and make the https call (largely thanks to stackoverflow.com).

但是，我需要一种方法来分发没有任何证书的应用程序，并将其留给用户提供自己的证书.我想我会通过指示用户在 iphone 的配置文件(设置->常规->配置文件)中导入证书来做到这一点，这是通过在 Mail.app 中打开一个 .p12 文件得到的，然后我会访问该项目在我的应用程序中.我希望配置文件中的证书可以通过钥匙串 API 获得，但我想我错了.

However, I need a way to distribute the app without any certs and leave it to the user to provide his own certificate. I thought I would just do that by instructing the user to import the certificate in iphone's profiles (settings->general->profiles), which is what you get by opening a .p12 file in Mail.app and then I would access that item in my app. I would expect that the certificates in profiles are available through the keychain API, but I guess I'm wrong on that.

1) 有没有办法访问我已经在我的应用程序中的 iphone 配置文件中加载的证书?

1) Is there a way to access a certificate that I've already loaded in iphone's profile in my app?

2) 我还有哪些其他选项可以在我的应用中加载用户指定的证书?我唯一能想到的就是提供一些界面，用户可以在其中提供指向他的 .p12 证书的 URL，然后我可以将其加载到应用程序的钥匙串中供以后使用，但这并不完全是用户友好的.我正在寻找允许用户将证书放在手机上(通过电子邮件发送给自己)然后将其加载到我的应用程序中的东西.

2) What other options I have for loading a user specified certificate in my app? The only thing I can come up with is providing some interface where the user can give an URL to his .p12 cerificate, which I can then load into the app's keychain for later use, but thats not exactly user-friednly. I'm looking for something that would allow the user to put the cert on phone (email it to himself) and then load it in my app.

推荐答案

我试过这个:

NSString *thePath = [[NSBundle mainBundle] pathForResource:@"certificate" ofType:@"p12"]; 
NSData *PKCS12Data = [[NSData alloc] initWithContentsOfFile:thePath]; 
CFDataRef inPKCS12Data = (CFDataRef)PKCS12Data; 
CFStringRef password = CFSTR("pass"); 
const void *keys[] = { kSecImportExportPassphrase }; 
const void *values[] = { password }; 
CFDictionaryRef optionsDictionary = CFDictionaryCreate(NULL, keys, values, 1, NULL, NULL); 
CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL); 
SecPKCS12Import(inPKCS12Data, optionsDictionary, &items);

inPKCS12Data 正确但项目为空.发生了什么?

inPKCS12Data is correct but items is empty. What is happening?

这篇关于带有 SSL 客户端证书的 iPhone 应用程序的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持编程学习网！