Hi eskimo, You are right. I'm trying to build a client daemon which setup network connection with SSL. I'm trying to create an identity with the ECC key and the certificate (in RSA PEM format. I was able to setup the certificate with SecItemImport as it supports RSA PEM format) And setup the identity as following: // Add ECC Key to keychain (failed here) CFMutableDictionaryRef secItemParams = CFDictionaryCreateMutable(default_alloc, 0, NULL, NULL); CFDictionarySetValue(secItemParams, kSecClass, kSecClassKey); CFDictionarySetValue(secItemParams, kSecValueRef, privateKey); CFDictionarySetValue(secItemParams, kSecUseKeychain, import_keychain); OSStatus key_status = SecItemAdd(secItemParams, NULL); // setup identity SecIdentityCreateWithCertificate(keychain, certificate, &output_identity); identity = CFArrayCreate(default_alloc, (const void **)certs, 1L, &kCFTypeArrayCallBacks); // Set certificate using the identity SSLSetCertificate(ctx, identity);

Hi Quinn, thank you so much for the instruction. I was able to run the generic password sample. I created a simple C command line program, compiled and run with cmake/clang from terminal. (well, vscode terminal to be specific.) The program was able to run the generic password test after I switch to a machine I had full access permission. I assume the generic password was failed because of permission. However, adding the ECC key still failed with OSStatus -50 in the C program. I also tried with Objective-C in XCode, and got the same result. Also, I will get error "OSStatus -34018 : A required entitlement isn't present.", if I don't specify the keychain to add to. I'm not sure if that is one of the cause. I will continue to try out different attributes and keys to see if there is any inspiration. I would really appreciate if you have further suggestion about what should I do next. Thank you.

Thank you so much for the reply! As -50 is a vague error code, I'm lost what should I look into. I know that I got the error after I added the kSecUseKeychain attribute. And looking at the documentation, I failed to find more information related to the keychain attribute Item Attribute Keys and Values. Would you have any information related? Would you mind also providing more information about execution context? I'm not sure what is it about. For the password example, I tried with a generic password, it pop out the same error: errSecInteractionNotAllowed. I guess the issue was with the execution context?