• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: SecCertificateRef from PEM file
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SecCertificateRef from PEM file

  • Subject: Re: SecCertificateRef from PEM file
  • From: Paul Nelson <email@hidden>
  • Date: Wed, 03 Jun 2009 14:08:32 -0500
  • Thread-topic: SecCertificateRef from PEM file
Title: Re: SecCertificateRef from PEM file
Use SecKeychainItemImport:

    CFDataRef pemContents;
    // read the file into pemContents
    ortn = SecKeychainItemImport( (CFDataRef)pemContents, nil, &inputFormat, &itemType, 0, nil, nil, &itemArray);

    if( itemArray )
    {
        // each item in itemArray is a SecCertificateRef.  If you want to get the DER cert data,  -
            ortn = SecCertificateGetData( “itemArray item at index 0”, &certData );
    }

Paul Nelson
Thursby Software Systems, Inc.

> From: Ryan Govostes <email@hidden>
> Date: Wed, 3 Jun 2009 13:35:57 -0400
> To: <email@hidden>
> Subject: SecCertificateRef from PEM file
> Resent-From: Ryan Govostes <email@hidden>
> Resent-To: <email@hidden>
> Resent-Date: Wed, 3 Jun 2009 13:37:36 -0400
>
> Hello,
>
> I have a certificate stored on disk in PEM format. I'd like to read it  
> into a SecCertificateRef.
>
>  From some cursory reading, it looks like a PEM certificate is just  
> Base64-encoded DER. So I manually decoded the Base64 and wrote the  
> binary data to a file, which was read in like:
>
> SecCertificateRef rootCert;
> CSSM_DATA cssmdata;
>
> cssmdata.Data = "" bytes];
> cssmdata.Length = [certdata length];
> SecCertificateCreateFromData(&cssmdata, CSSM_CERT_X_509v3,  
> CSSM_CERT_ENCODING_DER, &rootCert);
>
> At this point SecCertificateCreateFromData returns noErr and things  
> look like they're going well. However, any time I try to use the root  
> certificate, i.e.,
>
> CFStringRef commonName;
> SecCertificateCopyCommonName(rootCert, &commonName);
>
> SecCertificateCopyCommonName returns errSecDataNotAvailable (which is  
> unexplained). I take it that this means that the certificate was not  
> properly loaded from the data?
>
> Is there a better way to go about reading in the PEM file, other than  
> doing so manually like I have done? Am I doing something incorrect  
> that would cause the error code I am seeing?
>
> Thanks,
> Ryan Govostes
>  _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Darwin-dev mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
> 
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >SecCertificateRef from PEM file (From: Ryan Govostes <email@hidden>)

  • Prev by Date: SecCertificateRef from PEM file
  • Next by Date: Certificate trust evaluation
  • Previous by thread: SecCertificateRef from PEM file
  • Next by thread: Certificate trust evaluation
  • Index(es):
    • Date
    • Thread