anyone get SSL to work with the iPhone?

2 views
Skip to first unread message

Jimmy Reza

unread,
Sep 5, 2008, 6:16:50 PM9/5/08
to BLIP Protocol
 
hiya
 
was wondering if anyone has gotten their BLIP to work the with client certificates on an iPhone application.
just wondering where does a client side generated certfiicate come from on the iPhone
 
tia
jimmy

Jimmy Reza

unread,
Sep 5, 2008, 6:26:37 PM9/5/08
to BLIP Protocol

Jens Alfke

unread,
Sep 5, 2008, 6:32:00 PM9/5/08
to Jimmy Reza, BLIP Protocol

On Sep 5, 2008, at 3:16 PM, Jimmy Reza wrote:

just wondering where does a client side generated certfiicate come from on the iPhone

Generating SSL certs is pretty painful, unfortunately. You have to use a mixture of keychain and CDSA (crypto) APIs to create an RSA keypair, create a cert with the right attributes, sign the cert, and then store it in the keychain.

I started by using the open-source Keychain.framework, which is a very handy higher-level wrapper around the system APIs. But even with that, it took a lot of trial and error. :-(

(I'm assuming the same APIs exist on the iPhone, although this may not be true; I haven't looked.)

Apple's CDSA mailing list would be the best place to ask for advice, although of course you still can't say the word "iPhone" there.

—Jens

Jens Alfke

unread,
Sep 5, 2008, 6:33:48 PM9/5/08
to Jimmy Reza, BLIP Protocol

On Sep 5, 2008, at 3:26 PM, Jimmy Reza wrote:

thinking of testing it out with this

That will show you how to add the finished cert; but that's not the hard part, creating the cert is.

(Also, the keychain.framework has much friendlier Obj-C wrappers for the functionality in that sample code.)

—Jens

Jimmy Reza

unread,
Sep 5, 2008, 6:39:04 PM9/5/08
to Jens Alfke, BLIP Protocol
 
thanks.. i don't think you can compile against a framework that does not existon the iPhone..
i would have to get the source code for the keychain framework and build it into the code of the iPhone app
 
i think this might be the case
 
i'll let you know what i find :)
 
thanks
jimmy

Jens Alfke

unread,
Sep 5, 2008, 8:07:37 PM9/5/08
to Jimmy Reza, BLIP Protocol

On Sep 5, 2008, at 3:39 PM, Jimmy Reza wrote:

> i would have to get the source code for the keychain framework and
> build it into the code of the iPhone app

It's open source, that shouldn't be a problem.
FYI, the downloads are years old; check the code out from subversion
instead to get the latest.

—Jens

Reply all
Reply to author
Forward
0 new messages