Use p12 cert for NSURLAuthenticationMethodClientCertificate obtained from device itself

Hi,


We have an MDM that can insert the p12 certificate to the device settings, or by user pushing the cert from email and installing it.


Now I want to do an authentication with my server inside the app (not Safari or mail) using NSURLAuthenticationMethodClientCertificate and the p12 from the device itself (I don't want to insert the p12 into my app bundle as I won't insert couple of certs for diffrerent customers. All my customers use the same app but want to insert their cert using MDM).


Is there an option to do it? or do I have to insert each and every certificate to my app's bundle??


Thanks.

Up vote post of Noami Down vote post of Noami
398 views
Posted by
Noami
Reply
Add a Comment

Replies

This is covered by QA1745 Making Certificates and Keys Available To Your App.

or do I have to insert each and every certificate to my app's bundle??

Don't do that; it's trivial for an attacker to extract stuff from your app bundle and thus bypass your security.

Share and Enjoy

Quinn "The Eskimo!"
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment