4 Replies
      Latest reply: Dec 1, 2016 10:13 PM by Honda_MW RSS
      Honda_MW Level 1 Level 1 (0 points)

        My application needs to authenticate the client certificate. Is it possible to perform authentication using the certificate downloaded in the terminal?

        With an application such as AnyConnect, it seems that you can refer to the downloaded certificate on the terminal. Is it possible to implement this function also for my applications?

        • Re: Can I get certificate from General?
          eskimo Apple Staff Apple Staff (5,995 points)

          What platform are you working on?  When you say “downloaded in the terminal”, does that mean the Terminal utility on macOS?  If so, what commands are you running to download this certificate?

          Share and Enjoy

          Quinn “The Eskimo!”
          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
          let myEmail = "eskimo" + "1" + "@apple.com"

            • Re: Can I get certificate from General?
              Honda_MW Level 1 Level 1 (0 points)

              The platform is iOS.I want to perform SSL communication with a server using a self-signed certificate.

              I installed root certificate and client certificate on iPhone using iPhone configuration utility.

              Is there a way to access that certificate from my application?

                • Re: Can I get certificate from General?
                  eskimo Apple Staff Apple Staff (5,995 points)

                  I installed root certificate and client certificate on iPhone using iPhone configuration utility. Is there a way to access that certificate from my application?

                  It depends on the type of ‘certificate’:

                  • If you install a root certificate on the device, it will automatically be used by trust objects (SecTrust) throughout the OS.  It’s possible to get at the root certificate via one of those trust objects, but in most cases you don’t need to do that because having the trust object use those installed roots is sufficient.

                  • A client certificate (which is actually a digital identity, that is, the combination of a certificate and the private key that matches the public key in that certificate) is stored in the Apple ‘slice’ of the keychain, and thus is only available to Apple apps.  This is discussed in QA1745 Making Certificates and Keys Available To Your App.

                  Share and Enjoy

                  Quinn “The Eskimo!”
                  Apple Developer Relations, Developer Technical Support, Core OS/Hardware
                  let myEmail = "eskimo" + "1" + "@apple.com"