This is my first post at stackoverflow.com, so if I do something wrong just let me know. So onto the problem.
I have a C# server currently running System.Net.Socket Sockets similar to the sample code Microsoft provided here.
I also have an Objective-C iPad client running NSInputStream/NSOutputStream bound to CFReadStream/CFWriteStream.
At present, with only username/password authentication sent via an XML Serialized Object, the client and server can communicate without any issues.
The problem I now have is that the communication has to be secure, and talking to clients, SSL encryption would be acceptable. However, I don't think they would accept just the "Server Certificate" as good enough. So I am trying to get the iPad client to use a "Client Certificate". I would like to enable true mutual authentication.
If I can't achieve mutual authentication, a third party VPN software could be the better solution to secure the communication.
I haven't completed the conversion yet, but I have found a few articles that give me good examples of this, but there are no examples that fit my situation for client side certificates on the iPad. The samples that I have found are:
C# SSL Tcp Server
Apple Developer site that shows how to use SSL, but no client certificate
iPad SSL Stream without client certificate.
iPad SSL Stream without client certificate
iPad HTTP Client that uses client certificate
Basically the system must eventually run TCP communication with SSL embedded with the ability to manage certificates. Not sure if it makes a difference, but as this would be going to many different clients, it is preferable to be compatible with SSL 3.0 and TLS (any version).
As I have only been dabbling in Objective-C for the past 6 months and am more familiar with C#, I will probably need you to explain your answer in simpler terms.
Edit:
I am more concerned with the Objective-C side of the equation, as I am fairly sure the C# side will be simple. Basically I need someone to explain how to implement client side certificates on a TCP NSStream in Objective-C or point me in the direction of possible solutions or approaches to the problem.
Any help will be greatly appreciated.
Chris
I cannot answer your question with regards to how to implement this on the Objective-C side, as what you ask is beyond what a single application can achieve on iOS devices. Thinking outside the box...
From Apple:
iOS supports the Simple Certificate Enrollment Protocol (SCEP). SCEP is an Internet draft in the IETF, and is designed to provide a simplified way of handling certificate distribution for large-scale deployments. This enables over-the-air enrollment of identity certificates to iPhone and iPad that can be used for authentication to corporate services.
Knowing this and searching for SCEP in the developer library points me to this page - https://developer.apple.com/library/ios/#documentation/NetworkingInternet/Conceptual/iPhoneOTAConfiguration/Introduction/Introduction.html
This page will be of interest, notice that Microsoft Server supports this:- https://developer.apple.com/library/ios/#documentation/NetworkingInternet/Conceptual/iPhoneOTAConfiguration/OTASecurity/OTASecurity.html#//apple_ref/doc/uid/TP40009505-CH3-SW1 and it even has some sample client/server code.
My interest is generally in the field of Mobile-Device-Management and I have been looking into this.
Hope this helps.
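An added example for the setup the question describes (not code from the question or the answer): presenting a client identity on a CFReadStream/CFWriteStream pair through `kCFStreamSSLCertificates`. The helper names are hypothetical, and the sketch assumes the client certificate and private key reach the app as a passphrase-protected PKCS#12 blob.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Hypothetical helper: extract the identity (certificate + private key) from a
// PKCS#12 blob. Returns a +1 retained SecIdentityRef, or NULL on failure.
static SecIdentityRef CopyClientIdentity(NSData *p12, NSString *passphrase) {
    NSDictionary *options = @{ (__bridge id)kSecImportExportPassphrase : passphrase };
    CFArrayRef items = NULL;
    OSStatus status = SecPKCS12Import((__bridge CFDataRef)p12,
                                      (__bridge CFDictionaryRef)options, &items);
    if (status != errSecSuccess || items == NULL || CFArrayGetCount(items) == 0) {
        if (items) CFRelease(items);
        return NULL; // wrong passphrase, malformed blob, or no identity inside
    }
    CFDictionaryRef first = CFArrayGetValueAtIndex(items, 0);
    SecIdentityRef identity =
        (SecIdentityRef)CFDictionaryGetValue(first, kSecImportItemIdentity);
    if (identity) CFRetain(identity);
    CFRelease(items);
    return identity;
}

// Hypothetical helper: open a TLS stream pair that offers `identity` when the
// server requests a client certificate. Server chain validation keeps its
// default (enabled); nothing here relaxes it.
static BOOL OpenMutualTLSStreams(NSString *host, UInt32 port, SecIdentityRef identity,
                                 NSInputStream **inStream, NSOutputStream **outStream) {
    if (identity == NULL) return NO;
    CFReadStreamRef readStream = NULL;
    CFWriteStreamRef writeStream = NULL;
    CFStreamCreatePairWithSocketToHost(kCFAllocatorDefault, (__bridge CFStringRef)host,
                                       port, &readStream, &writeStream);
    if (!readStream || !writeStream) {
        if (readStream) CFRelease(readStream);
        if (writeStream) CFRelease(writeStream);
        return NO;
    }
    // The identity must be the first element; intermediate certificates may follow.
    NSDictionary *ssl = @{
        (__bridge id)kCFStreamSSLLevel : (__bridge id)kCFStreamSocketSecurityLevelNegotiatedSSL,
        (__bridge id)kCFStreamSSLCertificates : @[ (__bridge id)identity ],
    };
    // Settings have to be applied before either stream is opened.
    BOOL ok = CFReadStreamSetProperty(readStream, kCFStreamPropertySSLSettings,
                                      (__bridge CFDictionaryRef)ssl);
    *inStream = (__bridge_transfer NSInputStream *)readStream;
    *outStream = (__bridge_transfer NSOutputStream *)writeStream;
    if (!ok) return NO;
    [*inStream open];
    [*outStream open];
    return YES;
}
```

On the C# side, the matching piece is `SslStream.AuthenticateAsServer` called with `clientCertificateRequired` set to true, so the handshake fails when the iPad presents no certificate.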