6

How to create a SecIdentityRef if you have a SecCertificateRef and Private Key in iOS? I have a X509 certificate which is passed from server and an associated private key, but now I am struggling to establish trust in NSURLCredentials.

A similar question was asked here How to establish a SecIdentityRef in an iPhone keychain ? (Without a .p12)

As mentioned IMPORTANT in above post, i did create SecCertificateRef using SecCertificateCreateWithData first and then added into the keychain using SecItemAdd but don't know what to do now to generate SecIdentityRef.

Many Thanks,
Manish
P.S. - I don't have enough ref points to comment on a post so asking a new question.

Community
  • 1
  • 1
Manish Sanwal
  • 81
  • 1
  • 5
  • Hi, have you succeeded? I'm doing the same, but I cant get it working, I'm sending CSR to server, server returns client cert, I will save it in keychain, then I want to perform request so I overwrote `credentialWithIdentity:certificates:persistence` but im still getting SSL errors – beretis Sep 27 '16 at 09:55

1 Answers1

5

As I understand it, SecIdentityRefs don't exist as individual keychain entries. When you get an identity using SecItemCopyMatching(), it finds a certificate and a corresponding private key and returns an identity which is just a reference to that (cert, key) pair. As far as I know the only way to create SecIdentityRef is to insert a private key and a certificate for that key into your keychain and then perform a search for identities.

wiml
  • 708
  • 5
  • 6