iPhone TrustStore CA certificates

Question

Does any of you have a clue how to alter the contents of Security.framework/TrustStore.sqlite3. It seems as if the iPhone uses it to store trusted CA certificates. I really want my iPod touch to trust my custom certificate. Beside that, does anyone of you know an app (win32) to edit sqlite3 database files (except sqliteman, this one always crashes for me).

Answer 1

Since iOS 11 the TrustStore is located at: /System/Library/Security/Certificates.bundle instead of the usual location: /System/Library/Frameworks/Security.framework

Answer 2

To install your own CA certificate in iOS 13 (Simulator or Phone/Pad)

1. Place your CA certificate on a website, make sure it has a .crt extension (like MyCA.crt).
2. Go to Safari in the Simulator
3. Download the certificate, choose Yes to Install the 'Profile' when prompted
4. Go to settings in the Simulator General > Profile > [Your Certificate] and click install
5. Go to settings in the Simulator General > Info > Trusted Certificates Find your certificate and toggle the switch to On.

Your CA is now trusted. In older versions of the simulator you could just drag your certificate on the simulator but that no longer seems to work.

Remember that Apple limits the validation duration of your certificates so don't make them valid for 10 years but choose a shorter time.

If you fail at the first step then this is probably because your webserver doesn't recognise the .crt extension. Common web servers like Apache should work fine.

• @Apple: I would expect a setting in the developer options in the simulator to just accept insecure certificates but honestly for the first time in many years the process to install your own CA is easier (AFAIK) on iOS then Android 10!