Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
Re: SHA1 hash for public cert in keyachain
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SHA1 hash for public cert in keyachain

On Nov 10 2009 09:28 AM, Ken Ruggaber wrote:
> On Nov 9, 2009, at 8:11 PM, Ken McLeod wrote:
> >On Nov 09 2009 05:48 PM, Keith Moores wrote:
> >>We have an app built to support 10.4 and up that needs to set an
> >>identity preference when running on 10.5 and up systems.  As we need
> >>to support the lowest common denominator (10.4) we believe we're
> >>left with using the CLI, "security set-identity-preference" with the
> >>-Z option (as our user certificates' "CNs" are not necessarily
> >>unique).  But how to get the "SHA-1 hash of certificate"...
> >
> >The security tool on 10.4 did not support a
> >set-identity-preference command. However, the identity preference
> >API functions are present on 10.4, just not listed in the header
> >file.
> I was hopeful that I could just use SecCertificateSetPreference, but
> the linker can't resolve that function:
> ...
> -isysroot /Xcode2.5/SDKs/MacOSX10.4u.sdk
> /Xcode2.5/usr/bin/../libexec/gcc/powerpc-apple-darwin8/4.0.1/ld:
> Undefined symbols:
> _SecCertificateSetIdentity

That's because that symbol isn't exported in the 10.4u SDK. You would have to link against the 10.5 SDK but target 10.4 as the deployment version. See <>.


Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

 >SHA1 hash for public cert in keyachain (From: Keith Moores <email@hidden>)
 >Re: SHA1 hash for public cert in keyachain (From: Ken McLeod <email@hidden>)

Visit the Apple Store online or at retail locations.

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2011 Apple Inc. All rights reserved.