Adding a self-signed certificate to iphone Simulator?

回眸只為那壹抹淺笑 提交于 2019-12-28 01:43:06

问题


I have a self-signed certificate at the endpoint of my API. I'm trying to test some things using the simulator but am getting "untrusted server certificate".

I have tried to use safari on the simulator to download the .crt file, but that doesn't seem to work.

Where does iPhone Simulator get its keychain from? How can I add a trusted certificate so my application will work?

UPDATE

I got it to work by creating a CA and then adding a CA certificate using the iPhone provisioning tool. Then I was able to have a certificate signed by that CA certificate on the API server and the NSConnection just worked. I was not able to get it to work using a self-signed certificate for some reason. I need to re-attempt this using the provisioning software.

My real question is how do I get this to work on the simulator? I would think that the simulator uses the keychain of the actual computer.


回答1:


Just for Info, if someone still runs into that problem:

simply drag & drop your .cer Files into your running Simulator window. You'll see Safari flashing and then the import dialog for your Certificate (or Certificate Authority)...

Working for iOS 7 Simulator (and i Think did work for iOS 6 too).




回答2:


For those who find that the dragging and dropping of the certificate on the Simulator isn't working, there was a recent change that adds an extra step.

The Simulator must be explicitly told to trust the root CA. Do this by going to:

General -> About -> Certificate Trust Settings -> "Enable Full Trust for Root Certificate" for your particular certificate

See the full answer here:




回答3:


I had this same issue for months and today I FINALLY solved it with:

ADVTrustStore

You are going to want to use a project called ADVTrustStore from github. It does some fancy magic but it will correctly install certificates into your root trust-store on the simulator.

Steps to install a custom cert

# Clone the repo
git clone https://github.com/ADVTOOLS/ADVTrustStore.git

# Enter the repo directory
cd ADVTrustStore/

# Copy your .crt file 
cp somewhere/something.crt my.crt

# conver to a .pem file
openssl x509 -in my.crt -out my.pem -outform PEM

# Install the pem in the simulators
./iosCertTrustManager.py -a my.pem

Using this process I was able to get GoogleStreetView images to render correctly while behind a corporate firewall using SSL resigning with self-signed certificates

Background

I was using CharlesProxy and i noticed it was correctly installing certificates into the Simulator but they did not show up in the Settings - Profiles section. Then after some searching I discovered this tool. There are probably a few other tools out there but in my case the drag-and-drop never worked correctly for all cases. Safari would be fine but not my applications.




回答4:


Take a look at the shell script Charles uses to install their self signed cert into the simulator's keychain. http://www.charlesproxy.com/documentation/faqs/ssl-connections-from-within-iphone-applications/

See also:

  • iPhone TrustStore CA certificates
  • http://redgreenrefactor.eu/blog/testing-https-on-iphone-simulator/

It looks like installing your own certificate in the simulator may require installing it on a device via Safari and then copying the resulting row from the device's TrustStore.sqlite3 into the simulator's.




回答5:


Using iPhone Backup Extractor, I copied my iPhone's TrustStore.sqlite3 into ~/Library/Application Support/iPhone Simulator/6.0/Library/Keychains, overwriting the existing file. I tried to only insert a single row with the following sqlite, but I couldn't get it working.

sqlite3 ~/backup/iOS\ Files/TrustStore.sqlite3
sqlite3>.mode insert
sqlite3>.output working.sql
sqlite3>select * from tsettings;
sqlite3>.quit

Now, working.sql has the entire contents of the tsettings table (in my case, 1 row).

sqlite3 ~/Library/Application\ Support/iPhone\ Simulator/6.0/Library/Keychains/TrustStore.sqlite3
sqlite3>INSERT INTO tsettings VALUES(X'...
sqlite3>.quit

Again, the above sqlite commands didn't work for me, but might be a good starting point for someone else. Copying the entire TrustStore.sqlite3 from the backup into the simulator worked just fine.




回答6:


Take a look at the iostrust Ruby gem: http://github.com/yageek/iostrust



来源:https://stackoverflow.com/questions/2219707/adding-a-self-signed-certificate-to-iphone-simulator

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!