-(void)startSSL{
// Read .p12 file
NSString *path = [[NSBundle mainBundle] pathForResource:@"cloudscreen-prod" ofType:@"p12"];
NSData *pkcs12data = [[NSData alloc] initWithContentsOfFile:path];
// Import .p12 data
CFArrayRef keyref = NULL;
OSStatus sanityChesk = SecPKCS12Import((__bridge CFDataRef)pkcs12data,
(__bridge CFDictionaryRef)[NSDictionary
dictionaryWithObject:@"3437563"
forKey:(__bridge id)kSecImportExportPassphrase],
&keyref);
if (sanityChesk != noErr) {
NSLog(@"Error while importing pkcs12 [%@]", [[NSNumber numberWithInt:sanityChesk]stringValue]);
} //else
// NSLog(@"Success opening p12 certificate.");
// Identity
CFDictionaryRef identityDict = CFArrayGetValueAtIndex(keyref, 0);
SecIdentityRef identityRef = (SecIdentityRef)CFDictionaryGetValue(identityDict,kSecImportItemIdentity);
// Cert
SecCertificateRef cert = NULL;
OSStatus status = SecIdentityCopyCertificate(identityRef, &cert);
if (status)
NSLog(@"SecIdentityCopyCertificate failed.");
// the certificates array, containing the identity then the root certificate
NSArray *myCerts = [[NSArray alloc] initWithObjects:(__bridge id)identityRef, (__bridge id)cert, nil];
NSDictionary *sslset = [NSMutableDictionary dictionaryWithObjectsAndKeys:
(id)kCFBooleanFalse,kCFStreamSSLValidatesCertificateChain,
myCerts,kCFStreamSSLCertificates,
// @"192.168.0.121", kCFStreamSSLPeerName,
kCFStreamSocketSecurityLevelNegotiatedSSL,kCFStreamSSLLevel,
kCFStreamSocketSecurityLevelNegotiatedSSL,kCFStreamPropertySocketSecurityLevel,
kCFBooleanTrue,kCFStreamPropertyShouldCloseNativeSocket,
kCFBooleanFalse,kCFStreamSSLIsServer,
nil];
}
ssl-p12
最新推荐文章于 2023-06-25 16:25:00 发布