"kSecTrustResultProceed indicates that the user has explicitly trusted a certificate."
Problem: kSecTrustResultProceed returned from 'SecTrustEvaluate' for some users(733/million), while their cert chain contains non explicitly trusted certs:
cert chain:
***.***.com
Go Daddy Secure Certificate Authority - G2
Go Daddy Root Certificate Authority - G2
(Go Daddy is trusted on iOS, not explicitly trusted)
I cannot reproduce this on my phone, but it does exist, for some users, including iOS 17.
Any thoughts?
SecTrustResultType res = kSecTrustResultInvalid;
SecTrustEvaluate(secTrust, &res);
if (res == kSecTrustResultUnspecified) {
return YES;
}
if (res == kSecTrustResultProceed) {
// some check... found this question
return YES;
}
if (res != kSecTrustResultRecoverableTrustFailure) {
return NO;
}
// some recover...
return recovered;
frank217
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Last seen