I want to create a certificate programmatically within an iOS app. The closest API I could find is SecCertificateCreateWithData which requires a DER encoded binary input.
Given that I have all the data needed available as runtime objects, how can I construct the DER encoded binary data input?
This is how it can be done:
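    // Load the DER-encoded certificate shipped in the application bundle.
    NSString* certPath = [[NSBundle mainBundle] pathForResource:@"myCertificate" ofType:@"cer"];
    NSData* certData = [NSData dataWithContentsOfFile:certPath];
    SecCertificateRef cert = NULL;  // stays NULL if the file is missing or cannot be parsed
    if( [certData length] ) {
        // Returns NULL when certData is not a valid DER-encoded X.509 certificate.
        cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)certData);
        if( cert != NULL ) {
            CFStringRef certSummary = SecCertificateCopySubjectSummary(cert);
            if( certSummary != NULL ) {  // the summary can be NULL; do not pass NULL to CFRelease
                NSString* summaryString = [[NSString alloc] initWithString:(__bridge NSString*)certSummary];
                NSLog(@"CERT SUMMARY: %@", summaryString);
                CFRelease(certSummary);
            }
        } else {
            NSLog(@" *** ERROR *** trying to create the SSL certificate from data located at %@, but failed", certPath);
        }
    }
    // play with cert here (check cert != NULL first, and CFRelease(cert) when done)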
myCertificate.cer must be in your application bundle. I create the cer file with openssl. If you are planning to use this in an iOS application, make sure your certificate contains the required extensions, check here. Even though the answer is -1, it helped me to get this running.
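Added example, not part of the answer above: SecCertificateCreateWithData returns NULL for anything that is not DER, and openssl writes PEM unless told otherwise (`-outform DER`), so a check of the outer DER framing tells you why a bundled file was rejected. The helper name `classify_cert_bytes`, the enum and the sample bytes are hypothetical and constructed for this illustration.

```c
#include <stddef.h>
#include <string.h>

typedef enum { CERT_DER_OK, CERT_IS_PEM, CERT_TRUNCATED,
               CERT_TRAILING_DATA, CERT_NOT_DER } cert_fmt;

/* Hypothetical helper: classify a buffer by its outer DER SEQUENCE header. */
cert_fmt classify_cert_bytes(const unsigned char *buf, size_t len)
{
    static const char pem[] = "-----BEGIN ";
    const size_t pem_len = sizeof pem - 1;
    size_t hdr = 2, body = 0, n, i;

    if (buf == NULL || len < 2) return CERT_NOT_DER;
    if (len >= pem_len && memcmp(buf, pem, pem_len) == 0) return CERT_IS_PEM;
    if (buf[0] != 0x30) return CERT_NOT_DER;     /* a certificate is a SEQUENCE */

    if (buf[1] < 0x80) {                         /* short form: length in one byte */
        body = buf[1];
    } else {                                     /* long form: next n bytes, big-endian */
        n = buf[1] & 0x7f;
        if (n == 0 || n > 4) return CERT_NOT_DER;   /* indefinite or implausibly large */
        if (len < 2 + n) return CERT_TRUNCATED;
        if (buf[2] == 0) return CERT_NOT_DER;       /* DER forbids leading zero bytes */
        for (i = 0; i < n; i++) body = (body << 8) | buf[2 + i];
        if (body < 0x80) return CERT_NOT_DER;       /* DER requires the short form here */
        hdr = 2 + n;
    }
    if (body > len - hdr) return CERT_TRUNCATED;     /* file cut short */
    if (body < len - hdr) return CERT_TRAILING_DATA; /* extra bytes after the SEQUENCE */
    return CERT_DER_OK;
}

int main(void)
{
    /* Constructed sample: SEQUENCE { INTEGER 5 }, well-framed DER but not a certificate. */
    const unsigned char sample[] = { 0x30, 0x03, 0x02, 0x01, 0x05 };
    return classify_cert_bytes(sample, sizeof sample) == CERT_DER_OK ? 0 : 1;
}
```

A CERT_DER_OK result only means the outer framing is consistent; SecCertificateCreateWithData still decides whether the contents are a valid X.509 certificate.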
Look at SecKeyGeneratePair; I think this is what you are looking for.