Re: SSL websocket server, part two
Re: SSL websocket server, part two
- Subject: Re: SSL websocket server, part two
- From: "Quinn \"The Eskimo!\"" <email@hidden>
- Date: Thu, 13 Nov 2014 10:16:39 +0000
On 12 Nov 2014, at 01:53, Mitchell Laurren-Ring <email@hidden> wrote:
> Is there a better way to create an identity from certificate and key data in memory?
Why do you have the certificate and key data in memory? It's best to store these in a keychain. This is important for the private key (where the keychain protects the private key) and doubly important for the private key on OS X (where critical crypto operations are done in the security daemon which requires that the key be in the keychain).
Once the identity is in the keychain, it's easy to get it out via SecItemCopyMatching. The TLSTool sample code shows a very simple example of this (although a real app would probably want to use a persistent reference rather than just a simple string).
<https://developer.apple.com/library/mac/samplecode/SC1236/>
In some cases it doesn't make sense to have the identity store in a standard keychain. In that case it's perfectly fine for you to create your own, app-specific keychain.
Share and Enjoy
--
Quinn "The Eskimo!" <http://www.apple.com/developer/>
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden