I'm using SecPKCS12Import to import certificates from a p12 file. The code below is how I'm using the function to retrieve the data. It works fine on iOS 10 and 9 but when I run our app on iOS 10.2 it doesn't seem to pull all the certificates needed from the p12 file. I'm using Swift 2.2 and the certificates are not self-signed.
let mainBundle = NSBundle.mainBundle() let thePath = mainBundle.pathForResource(fileName, ofType: "p12")! let PKCS12Data: NSData = NSData(contentsOfFile: thePath)! var items: CFArray? let optionDict: NSMutableDictionary = [kSecImportExportPassphrase as NSString: "password"] let sanityCheck = SecPKCS12Import(PKCS12Data, optionDict, &items)
This is what I get on iOS 9 and 10
<cert(0x7f95e2e256d0) s: ingclient-qa.faps.net i: Network Solutions DV Server CA 2>
<cert(0x7f95e480ee00) s: Network Solutions DV Server CA 2 i: USERTrust RSA Certification Authority>
<cert(0x7f95e480f800) s: USERTrust RSA Certification Authority i: AddTrust External CA Root>
<cert(0x7f95e4830c00) s: AddTrust External CA Root i: AddTrust External CA Root>
This is what I get on iOS 10.2
<cert(0x7ff62b707ed0) s: ingclient-qa.faps.net i: Network Solutions DV Server CA 2>
<cert(0x7ff62d039c00) s: Network Solutions DV Server CA 2 i: USERTrust RSA Certification Authority>
<cert(0x7ff62d03a600) s: USERTrust RSA Certification Authority i: USERTrust RSA Certification Authority>
If you look at the last certificate on iOS 10.2 example you'll see that s: is set to USERTrust RSA Certification Authority as well as i: but on iOS 9 you can see that i: is set to AddTrust External CA Root. Is there something that I'm doing wrong here?
How is this log output generated? You don’t show the logging in your code snippet, which leaves me kinda confused as to how the two connect.
Can you post an example
.p12 that exhibits the changed behaviour? Either put it on a file sharing site and post the URL (that’ll take moderator approval, but I can sort that out) or post a hex dump.
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"