I've implemented a custom VPN for iOS using a Packet Tunnel Provider. I have the entitlement for 'com.apple.managed.vpn.shared'. One option to connect is to use a certificate - this can be done by distributing a VPN payload with the required certificate for the connection.
My question is if there's any way to distribute multiple certificates and that I'll be able to read them on my iOS app. For example, on the Certificates payload, I can add multiple certificates, but on the VPN payload, I can choose only one of them. So, can my app read more than one certificate?
any way to distribute multiple [digital identities] and that I'll be able to read them on my iOS app.
No. When the system ingests a profile, only the digital identity referenced by the VPN configuration payload is stored to com.apple.managed.vpn.shared
. All the other go into the standard Apple keychain access group, which you can’t access.
If you push multiple VPN configuration payloads then all of their associated digital identities end up in com.apple.managed.vpn.shared
. I can’t see anything that’d prevent you from querying the keychain for them all and then choosing between them.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"