SecTrustEvaluate()是否在应用程序密钥链中查找根证书? [英] Does SecTrustEvaluate() look for root certificates in the application keychain?
问题描述
文档说:如果验证叶证书所需的所有证书都不包含在信任管理对象中,则SecTrustEvaluate会在钥匙串搜索列表中查找证书(请参阅SecTrustSetKeychains)和系统的锚证书存储(请参阅SecTrustSetAnchorCertificates)。
The docs say: "If not all the certificates needed to verify the leaf certificate are included in the trust management object, then SecTrustEvaluate searches for certificates in the keychain search list (see SecTrustSetKeychains) and in the system’s store of anchor certificates (see SecTrustSetAnchorCertificates)."
但是,由于SecTrustSetKeychains()在iOS上不可用,因此不清楚此函数是否也会查看应用程序的钥匙串。
However, since SecTrustSetKeychains() is not available on iOS, it’s not clear whether this function will also look in the application’s keychain.
推荐答案
eskimo1回答了这个问题:
eskimo1 from Apple Devforums answered this so:
- SecTrustEvaluate()是否在
应用程序钥匙串中查找根证书?
默认不是。但是,通过从证书链中获取证书(或从任何地方获取)并使用SecTrustSetAnchorCertificates将它们应用于SecTrust对象,可以轻松实现此目的。
Not by default. However, it's easy to make it do this by getting the certificates out of your keychain (or from wherever) and applying them to the SecTrust object using SecTrustSetAnchorCertificates.
SecTrustEvaluation / will /在钥匙串中找到中间证书。
SecTrustEvaluation /will/ find intermediate certificates in your keychain.
这篇关于SecTrustEvaluate()是否在应用程序密钥链中查找根证书?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
