Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to use Client Certificate Authentication in iOS App

I don't have a lot experience about Client Certificate Authentication. Anybody can tell me how to use it in iOS app? Thanks :)

like image 327
asedra_le Avatar asked Sep 20 '10 07:09

asedra_le


People also ask

How do I install certificate client on Iphone?

On your iOS device, go to: http://cert.incommon.org/InCommonRSAStandardAssuranceClientCA.crt. On the Install Profile screen, you will see the "Trusted" certificate file to install. Tap Install. A notice will inform you that installing this profile will change settings on your device; tap "Install Now".

How do I verify certificate on Iphone?

You can verify that the certificate is installed by going into Settings > General > Profile. In iOS 10.3 and later, you will need to manually trust the installed certificate by going to Settings > General > About > Certificate Trust Settings and enable trust for that certificate.


1 Answers

Your NSURLConnection delegate should respond to the connection:didReceiveAuthenticationChallenge: delegate method (see link below).

http://developer.apple.com/library/ios/documentation/cocoa/reference/foundation/Classes/NSURLConnection_Class/Reference/Reference.html#//apple_ref/occ/instm/NSObject/connection:didReceiveAuthenticationChallenge:

It should respond by asking the challenge for its 'sender' and providing it with an appropriate credential.

Something like:

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
  id sender = [challenge sender];

  // create a credential from a certificate
  // see doco for details of the parameters
  NSURLCredential *creds = [NSURLCredential credentialWithIdentity:ident certificates:certs persistence:persistence];

  [sender useCredential:creds forAuthenticationChallenge:challenge];
}

See the NSURLCredential class reference for details of how to create a credential based on a certificate:

like image 119
Jake Avatar answered Sep 30 '22 03:09

Jake