Get list of digital identities installed on iOS devices

I am working on an iOS app that needs to look if a specific identity (certificate with private key) is installed and not expired on the iOS device.

In my use case the identity might be installed by MDM while the iOS app is not.


I have seen previous posts that mention there is no general way for it to be done, such as this one: https://forums.developer.apple.com/thread/52345.

Is this still the case, where it would not be possible to get a list of identities?

Replies

I would really trust Eskimo's answer on this (and others).


And I doubt there has been any relaxation in security policy…

I am working on an iOS app that needs to look if a specific identity … is installed and not expired on the iOS device.

Does it need to use that digital identity? Or just tell whether it’s installed?

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

For my use case the app doesn't need to use the digital identity per se; it only needs to know whether it's installed and information about the digital identity, like the issuer name and whether it's valid. This is to know if the device is an enterprise managed device or not, that is, if the device has a digital identity issued by the enterprise. Could this be achieved?

This is to know if the device is an enterprise managed device or not, that is, if the device has a digital identity issued by the enterprise.

There isn’t a direct way to achieve either of these goals. There are, however, indirect ways to achieve the first one:

  • You can have your MDM system push a [managed app configuration][wwdc301] setting to your app to indicate that it’s so configured (A).

  • You can play games with root certificates (B).

These days I have a strong preference for option A.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"
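
Option A from the reply above, sketched as an added example (not part of the thread and not Apple sample code): the app reads the managed app configuration dictionary that iOS exposes in `UserDefaults` under `com.apple.configuration.managed`. The keys `EnterpriseManaged` and `OrganizationID`, the value `example-corp` and the demo suite name are assumptions; the real names are whatever the MDM administrator and the app agree on.

```swift
import Foundation

// Key under which iOS exposes MDM-pushed managed app configuration.
let managedConfigKey = "com.apple.configuration.managed"

// Hypothetical keys, agreed between the app and the MDM administrator.
enum ManagedKey {
    static let enrolled = "EnterpriseManaged"   // Boolean
    static let orgID = "OrganizationID"         // String
}

enum ManagementState: Equatable {
    case unmanaged                  // no managed configuration, or flag is false
    case managed(orgID: String)     // flag set and organization matches
    case malformed(reason: String)  // configuration present but not as expected
}

/// Classifies the configuration instead of trusting mere presence of the key.
func managementState(from defaults: UserDefaults = .standard,
                     expectedOrgID: String) -> ManagementState {
    guard let config = defaults.dictionary(forKey: managedConfigKey) else {
        return .unmanaged
    }
    guard let flag = config[ManagedKey.enrolled] as? Bool else {
        return .malformed(reason: "missing or non-Boolean \(ManagedKey.enrolled)")
    }
    guard flag else { return .unmanaged }
    guard let org = config[ManagedKey.orgID] as? String, org == expectedOrgID else {
        return .malformed(reason: "unexpected \(ManagedKey.orgID)")
    }
    return .managed(orgID: org)
}

/// MDM can push a new configuration while the app runs, so re-evaluate on change.
func observeManagementChanges(expectedOrgID: String,
                              onChange: @escaping (ManagementState) -> Void) -> NSObjectProtocol {
    NotificationCenter.default.addObserver(forName: UserDefaults.didChangeNotification,
                                           object: nil, queue: .main) { _ in
        onChange(managementState(expectedOrgID: expectedOrgID))
    }
}

// Constructed sample: a throwaway suite stands in for what MDM would deliver.
let demoSuite = "managed-config-demo"
let demo = UserDefaults(suiteName: demoSuite)!
demo.set([ManagedKey.enrolled: true, ManagedKey.orgID: "example-corp"],
         forKey: managedConfigKey)
print(managementState(from: demo, expectedOrgID: "example-corp"))
print(managementState(from: demo, expectedOrgID: "other-corp"))
demo.removePersistentDomain(forName: demoSuite)
```

The dictionary only reports what the MDM server configured for the app; it carries no certificate details such as issuer or expiry, and it is not a cryptographic proof of enrollment.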