iOS:在钥匙串中预先安装SSL证书-以编程方式 [英] iOS: Pre install SSL certificate in keychain - programmatically
问题描述
我想在用户访问站点之前在钥匙串中安装/保存证书。
我有一个HTTPS服务器,我的应用程序先对用户进行身份验证,然后再转到 https:// mysite 。 p>
是否可以通过钥匙串中的POST请求安装/保存证书,或者可以将该证书(文件)复制到资源包中以将其标记为受信任, ?
拥有der格式的服务器证书后,您可以尝试以下代码:
+(void)addCertToKeychain:(NSData *)certInDer
{
OSStatus err = noErr;
SecCertificateRef证书;
cert = SecCertificateCreateWithData(NULL,(CFDataRef)certInDer);
assert(cert!= NULL);
CFTypeRef结果;
NSDictionary * dict = [NSDictionary dictionaryWithObjectsAndKeys:
(id)kSecClassCertificate,kSecClass,
cert,kSecValueRef,
nil];
err = SecItemAdd((CFDictionaryRef)dict,& result);
assert(err == noErr || err == errSecDuplicateItem);
CFRelease(证书);
}
它将证书添加到应用程序的钥匙串沙箱中,即没有其他应用程序会信任您的证书。
I want to install/save a certificate in the keychain before the user visits the site. I have a HTTPS server, and my app authenticates the user before they go to https://mysite.
Is there a way that I can install/save the certificate via a POST request in the keychain or can I copy that certificate (the file) to the resource bundle to mark it trusted?
Once you have the server certificate in der format you can try the following code:
+ (void) addCertToKeychain:(NSData*)certInDer
{
OSStatus err = noErr;
SecCertificateRef cert;
cert = SecCertificateCreateWithData(NULL, (CFDataRef) certInDer);
assert(cert != NULL);
CFTypeRef result;
NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:
(id)kSecClassCertificate, kSecClass,
cert, kSecValueRef,
nil];
err = SecItemAdd((CFDictionaryRef)dict, &result);
assert(err == noErr || err == errSecDuplicateItem);
CFRelease(cert);
}
It will add the certificate to the keychain sandbox of your application i.e. no other application will trust your cert.
这篇关于iOS:在钥匙串中预先安装SSL证书-以编程方式的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
