iPhone Simulator custom CA certificate

Question

I'd like to test an application on the iphone simulator which connects to a service using a certificate which is signed by our own CA. I can do this on the actual device by adding a provisioning profile which has the CA certificate. I had thought that having the CA certificate in the standard OSX keychain would work, but it doesn't.

So I can access the service via Safari without warning, but I get error when trying to run things in simulator.

score 5 · Accepted Answer · answered Feb 24 '10 at 20:20

5

The crypto api's are unavailable to the simulator. I think someone at apple was smoking crack when they made this decision because i fail to see how having an iPhone changes the out come of a cryptographic algorithm. Never the less in order to develop with these systems you'll need an iphone or ipod touch.

answered Feb 24 '10 at 20:20

rook

66,304
38
162
239

Boo. So, you are saying SSL doesn't work at all on the simulator? – jr. Feb 24 '10 at 20:29
I have done simple SSL on the simulator. This will work fine. However it would seem (according to this post) that you cannot install new certificates on the simulator. Is that the case? – mtmurdock Apr 06 '11 at 22:07
1

You can install new certificates on the simulator. It involves manually adding them to the Simulator's keychain. The way I've seen it work is add the certificate to a device, look at the db entry created on the device and then manually copy that to the db that the simulator uses. A script for the particular certificate used for Charles can be found at http://www.charlesproxy.com/documentation/faqs/ssl-connections-from-within-iphone-applications/ – Laughing_Jack Nov 08 '12 at 01:46

score 1 · Answer 2 · edited May 23 '17 at 12:27

1

This link worked for me

canAuthenticateAgainstProtectionSpace method set to return yes. NOTE: this will accept any certificate so should be removed for production releases: ie: ONLY for testing

edited May 23 '17 at 12:27

Community

1
1

answered Feb 23 '12 at 06:24

roshi

127
1
5

score 0 · Answer 3 · answered Jan 04 '11 at 23:16

0

It seems to work okay when I point the emulator at one of our live servers which a use a 'real' certificate. But I've just been getting 1200 errors trying to get the emulator to talk to a local test server I set up this morning.

So there must be crypto libraries there (or our app wouldn't talk to the live servers with real certificates), but there certainly seems to be a problem with self-signed certs.

answered Jan 04 '11 at 23:16

graham

1

1

p.s. I can browse to this server and accept its cert from my desktop just fine. – graham Jan 04 '11 at 23:17

iPhone Simulator custom CA certificate

3 Answers3

Linked