• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
How to enable client-side SSL cert checking in CFStream?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

How to enable client-side SSL cert checking in CFStream?


  • Subject: How to enable client-side SSL cert checking in CFStream?
  • From: Jens Alfke <email@hidden>
  • Date: Wed, 14 May 2008 15:05:33 -0700

I'm using NSStream for TCP connections. I need to use SSL, with both peers presenting and checking certificates. I've gotten this working to the degree that it opens an SSL connection, and the client can get the server's cert by accessing kCFStreamPropertySSLPeerCertificates ... but on the server side, the client's cert comes back as NULL, and in fact the connection still opens even if I don't set a cert at all on the client side.

I'm not familiar with the underlying <SecureTransport.h> API, but from the header it looks like the call that isn't happening but needs to is SSLSetClientSideAuthenticate. The comment says the default value is kNeverAuthenticate; I need to change this to kAlwaysAuthenticate.

There are no documented properties for this in <CFStream.h>. Nor does there seem to be a way to get the streams' SSLContextRef. Help! What can I do?

—Jens

Attachment: smime.p7s
Description: S/MIME cryptographic signature

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

  • Prev by Date: CFFTP EPIPE error and crash
  • Next by Date: Re: How to enable client-side SSL cert checking in CFStream?
  • Previous by thread: CFFTP EPIPE error and crash
  • Next by thread: Re: How to enable client-side SSL cert checking in CFStream?
  • Index(es):
    • Date
    • Thread