I am creating an iPhone app where we want to use X.509 certificates for client authentication. The user can install their cert from an email... It shows up under Settings -> General -> Profiles... However I am unable to read these certificates from my app...

I want to provide an interface similar to that provided by the Junos Pulse VPN client... A configuration window listing all the certificates in the device keychain and letting the user select their identity.

How do I go about achieving this???

Nirmal Patel

2 Answers

The Junos Pulse app is apparently getting its access via a VPN plugin which is a private API supplied by Apple on an invitation-only basis. That API is giving the app access to those certificates otherwise accessible only to built-in iOS apps like Safari.

Review the following, which were very helpful when I was researching the topic:

  • iOS get Configuration Profiles that are installed (Apple Development post linked in one of the answers)
  • https://devforums.apple.com/message/660579#660579

Community
thematic

You cannot access that keychain. And, yes, use search.

From Apple Docs:

The iOS gives an application access to only its own keychain items.

Read more here: Keychain Services Programming Guide

uberhitzt
Nekto
  • A lot of posts say this... But then how does the Junos Pulse app read the system keychain for certificates??? – Nirmal Patel Oct 04 '11 at 14:10
  • I don't know what the 'Junos Pulse app' is, are you sure that it reads certificates not from their own keychain? – Nekto Oct 04 '11 at 14:23
  • I have an https site set up with cert-based client authentication. When I access this site in Safari (on iPad) it shows a popup listing all the identity certificates. The same list of certificates is shown by the Junos Pulse app (Juniper's SSL VPN Client app for iOS), which makes me conclude that Pulse is reading from Safari's keychain. – Nirmal Patel Oct 04 '11 at 17:40
  • Is it possible to get the public key from own application keychain? – Muruganandham K Apr 03 '14 at 06:19
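
Since both answers come down to an app seeing only its own keychain items, the workable pattern is for the app to import the identity itself and build the picker from its own keychain. The sketch below is an added example, not code from either answer. It assumes the app has already obtained the PKCS#12 data and passphrase; the function and error names are hypothetical, and SecCertificateCopyKey requires iOS 12 or later.

```swift
import Foundation
import Security

enum IdentityStoreError: Error { case importFailed(OSStatus), noIdentity, keychain(OSStatus) }

// Import a PKCS#12 blob the app obtained itself into the app's OWN keychain.
func importIdentity(p12: Data, passphrase: String, label: String) throws {
    var items: CFArray?
    let options = [kSecImportExportPassphrase as String: passphrase] as CFDictionary
    let status = SecPKCS12Import(p12 as CFData, options, &items)
    guard status == errSecSuccess else { throw IdentityStoreError.importFailed(status) }
    guard let first = (items as? [[String: Any]])?.first,
          let ref = first[kSecImportItemIdentity as String] else {
        throw IdentityStoreError.noIdentity
    }
    let identity = ref as! SecIdentity  // value under this key is a SecIdentity
    let attrs: [String: Any] = [kSecValueRef as String: identity,
                                kSecAttrLabel as String: label]
    let addStatus = SecItemAdd(attrs as CFDictionary, nil)
    guard addStatus == errSecSuccess || addStatus == errSecDuplicateItem else {
        throw IdentityStoreError.keychain(addStatus)
    }
}

// List only the identities this app can see, e.g. to fill a selection screen.
func listOwnIdentities() throws -> [(identity: SecIdentity, subject: String)] {
    let query: [String: Any] = [kSecClass as String: kSecClassIdentity,
                                kSecMatchLimit as String: kSecMatchLimitAll,
                                kSecReturnRef as String: true]
    var result: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &result)
    if status == errSecItemNotFound { return [] }  // nothing imported yet
    guard status == errSecSuccess, let found = result as? [SecIdentity] else {
        throw IdentityStoreError.keychain(status)
    }
    return found.compactMap { identity -> (identity: SecIdentity, subject: String)? in
        var cert: SecCertificate?
        guard SecIdentityCopyCertificate(identity, &cert) == errSecSuccess,
              let certificate = cert else { return nil }
        let subject = SecCertificateCopySubjectSummary(certificate) as String? ?? "(no subject)"
        return (identity, subject)
    }
}

// Public key of a stored identity's certificate (the last comment's question).
func publicKey(of identity: SecIdentity) -> SecKey? {
    var cert: SecCertificate?
    guard SecIdentityCopyCertificate(identity, &cert) == errSecSuccess,
          let certificate = cert else { return nil }
    return SecCertificateCopyKey(certificate)
}
```

Identities installed through Settings as configuration profiles will not appear in the list returned here; only items the app added itself (or shares through a keychain access group) are returned.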