OK, I’m going to presume you mean “because that’s what our existing OpenVPN implementation uses.” OpenVPN is a protocol and, while that protocol is based on TLS, it does not require that you to use one specific TLS implementation. Right?
You are correct, that's what our existing implementation uses. Thank you for your response Quinn! We will look more into the 3 choices.
pfeng
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Post
Replies
Boosts
Views
Activity
We need OpenSSL because we are trying to use OpenVPN protocol.
Yes, we are trying to run a connection with certificate authentication.
Thank you for the information Quinn. We plan to pass the extracted private key data to an openssl API.
We were able to actually get the data back by using the "SecItemExport" with a placeholder password. However, "SecItemExport" seems to return the private key without a -25260 error only if we use "SecExternalFormat.formatWrappedPKCS8" or "SecExternalFormat.formatPKCS12".
Do you know if there is anyway for us to get a PEM formatted or PKCS1 key back?
Hi, were you able to retrieve the key? We are running into a similar issue.
Yes, the user manually adds the cert & private key to the Keychain Access app (more specifically, the login keychain) and we are trying to extract the cert and the private key data from there.