I'm trying to use Apple's Secure Transport API on top of an established transport layer, with my own root certificate. I have my root certificate as a SecCertificateRef, but I can't figure out how to make it trusted.
I've examined the following functions, each of which seems tantalizingly close to what I need:
SSLAddDistinguishedName()is unimplemented;SSLSetTrustedRoots()is deprecated;SSLSetCertificateAuthorities()is for client authentication only.
If I could override the SecTrustRef within the SecContextRef, then SecTrustSetAnchorCertificates() would do the job. Unfortunately, this avenue only led me to SSLGetPeerSecTrust() which seems to be an Apple-private API.
Aucun commentaire:
Enregistrer un commentaire