
I am using the NetworkExtension framework to create an application that connects to a VPN server via NEVPNProtocolIKEv2.

After some research, I found a tutorial about working with the NetworkExtension framework, and I tried to follow it (http://ramezanpour.net/post/2014/08/03/configure-and-manage-vpn-connections-programmatically-in-ios-8/).

But I got stuck when configuring the identityData of this protocol. Here is my code:

self.vpnManager.loadFromPreferencesWithCompletionHandler { [unowned self] (error) in
    if error != nil {
        printError("\(error?.errorDescription)")
        return
    }

    let p = NEVPNProtocolIKEv2()
    p.username = server.userName
    p.serverAddress = server.serverUrl

    // Get password persistent reference from keychain
    self.createKeychainValue(server.password, forIdentifier: KeychainId_Password)
    p.passwordReference = self.searchKeychainCopyMatching(KeychainId_Password)

    p.authenticationMethod = NEVPNIKEAuthenticationMethod.None
    self.createKeychainValue(kVPNsecret, forIdentifier: KeychainId_PSK)
    p.sharedSecretReference = self.searchKeychainCopyMatching(KeychainId_PSK)

    // certificate
    p.identityData = ??????

    p.useExtendedAuthentication = true
    p.disconnectOnSleep = false

    self.vpnManager.`protocol` = p
    self.vpnManager.localizedDescription = server.serverName

    self.vpnManager.saveToPreferencesWithCompletionHandler({ [unowned self] (error) in
        if error != nil {
            printError("Save config failed " + error!.localizedDescription)
        }
    })
}

In the tutorial, p.identityData is NSData that was loaded from a P12 file. But I have only a string, called server.certificate.

This server.certificate has a value like this:

"-----BEGIN CERTIFICATE-----\nMIIEdDCCA1ygAwIBAgIBADANBgkqhki......1iEtCZg7SAlsBiaxpJzpZm5C6OifUCkUfZNdPQ==\n-----END CERTIFICATE-----\n"

This is a very, very long string, which is called x509Certificate... or something like that; I do not remember exactly.


I found a library that supports writing a String to a P12 file; it is "openssl".

But the demo code is Objective-C. I keep trying to port this code to Swift, but it is so hard. (Demo code: iOS: How to create PKCS12 (P12) keystore from private key and x509certificate in application programmatically?)


Finally, I have only a String certificate, and I want to configure p.identityData for my application. How do I do it?

KotD.Tr
0 Answers
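The following is an added example, not code from the question or from the linked tutorial: it splits a PEM string such as server.certificate into its blocks and reports which parts of a PKCS#12 identity (the format the tutorial loads into identityData) the string does not contain. It uses current Swift syntax with Foundation only; `PEMBlock`, `pemBlocks` and `missingIdentityParts` are hypothetical names, and the sample value is constructed.

```swift
import Foundation

/// One decoded PEM block: its label ("CERTIFICATE", "PRIVATE KEY", ...) and DER bytes.
struct PEMBlock {
    let label: String
    let der: Data
}

/// Extracts every PEM block from `text`. Also accepts input in which the line
/// breaks arrived as the two literal characters "\n" (common in JSON payloads).
func pemBlocks(in text: String) -> [PEMBlock] {
    let normalized = text.replacingOccurrences(of: "\\n", with: "\n")
    var blocks: [PEMBlock] = []
    var label: String? = nil
    var base64 = ""
    for rawLine in normalized.components(separatedBy: .newlines) {
        let line = rawLine.trimmingCharacters(in: .whitespaces)
        if line.hasPrefix("-----BEGIN "), line.hasSuffix("-----") {
            // "-----BEGIN " is 11 characters, the trailing dashes are 5.
            label = String(line.dropFirst(11).dropLast(5))
            base64 = ""
        } else if let open = label, line == "-----END \(open)-----" {
            // Skip blocks whose body is not valid base64 instead of guessing.
            if let der = Data(base64Encoded: base64), !der.isEmpty {
                blocks.append(PEMBlock(label: open, der: der))
            }
            label = nil
        } else if label != nil {
            base64 += line
        }
    }
    return blocks
}

/// A PKCS#12 identity needs a certificate and the matching private key.
func missingIdentityParts(in blocks: [PEMBlock]) -> [String] {
    var missing: [String] = []
    if !blocks.contains(where: { $0.label == "CERTIFICATE" }) { missing.append("certificate") }
    if !blocks.contains(where: { $0.label.hasSuffix("PRIVATE KEY") }) { missing.append("private key") }
    return missing
}

// Constructed sample, not a real certificate: the body is five arbitrary DER bytes.
let sample = "-----BEGIN CERTIFICATE-----\\nMAMCAQU=\\n-----END CERTIFICATE-----\\n"
let blocks = pemBlocks(in: sample)
print(blocks.map { "\($0.label): \($0.der.count) bytes" })
print("missing for a PKCS#12 identity:", missingIdentityParts(in: blocks))
```

A string that holds only a CERTIFICATE block carries no private key, so it cannot be turned into an identity on its own.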