I have a self-signed certificate at the endpoint of my API. I'm trying to test some things using the simulator but am getting "untrusted server certificate".
I have tried to use safari on the simulator to download the .crt file, but that doesn't seem to work.
Where does iPhone Simulator get its keychain 开发者_开发问答from? How can I add a trusted certificate so my application will work?
I got it to work by creating a CA and then adding a CA certificate using the iPhone provisioning tool. Then I was able to have a certificate signed by that CA certificate on the API server and the NSConnection just worked. I was not able to get it to work using a self-signed certificate for some reason. I need to re-attempt this using the provisioning software.
My real question is how do I get this to work on the simulator? I would think that the simulator uses the keychain of the actual computer.
Simply drag & drop your .cer Files into your running Simulator window. You'll see Safari flashing and then the import dialog for your Certificate (or Certificate Authority)...
Working for iOS 7 Simulator (and i Think did work for iOS 6 too).
For those who find that the dragging and dropping of the certificate on the Simulator isn't working, there was a recent change that adds an extra step.
The Simulator must be explicitly told to trust the root CA. Do this by going to:
iOS Settings > General > About > Certificate Trust Settings > "Enable Full Trust for Root Certificate" for your particular certificate
See the full answer here:
I had this same issue for months and today I FINALLY solved it with:
ADVTrustStore
You are going to want to use a project called ADVTrustStore from github. It does some fancy magic but it will correctly install certificates into your root trust-store on the simulator.
Steps to install a custom cert
# Clone the repo
git clone https://github.com/ADVTOOLS/ADVTrustStore.git
# Enter the repo directory
cd ADVTrustStore/
# Copy your .crt file
cp somewhere/something.crt my.crt
# conver to a .pem file
openssl x509 -in my.crt -out my.pem -outform PEM
# Install the pem in the simulators
./iosCertTrustManager.py -a my.pem
Using this process I was able to get GoogleStreetView images to render correctly while behind a corporate firewall using SSL resigning with self-signed certificates
Background
I was using CharlesProxy and i noticed it was correctly installing certificates into the Simulator but they did not show up in the Settings - Profiles section. Then after some searching I discovered this tool. There are probably a few other tools out there but in my case the drag-and-drop never worked correctly for all cases. Safari would be fine but not my applications.
For anyone use OS X Catalina, please check this : https://forums.developer.apple.com/thread/124056.
Catalina is currently blocking access to Desktop, Documents and Downloads folder. I moved certificate files to Shared folder and drag and drop the files to simulator from there.
Take a look at the shell script Charles uses to install their self signed cert into the simulator's keychain. http://www.charlesproxy.com/documentation/faqs/ssl-connections-from-within-iphone-applications/
See also:
- iPhone TrustStore CA certificates
- http://redgreenrefactor.eu/blog/testing-https-on-iphone-simulator/
It looks like installing your own certificate in the simulator may require installing it on a device via Safari and then copying the resulting row from the device's TrustStore.sqlite3
into the simulator's.
Dragging and drop used to work but it didn't work on XCode 12 for me. What worked for me was opening Safari browser on Simulator and then typing the file URL for the .crt certificate file. Ex.
file:///Users/[folder_path]/[certificate.crt]
After that you have to goto Simulator Settings and install the certificate by navigating into General > Profiles section.
For IOS14, after the dragging, you need go to:
General -> Profile -> select you profile -> install
and then:
General -> About -> Certificate Trust Settings -> "Enable Full Trust for Root Certificate" for your particular certificate
see also https://developer.apple.com/library/archive/qa/qa1948/_index.html
Using iPhone Backup Extractor, I copied my iPhone's TrustStore.sqlite3
into ~/Library/Application Support/iPhone Simulator/6.0/Library/Keychains
, overwriting the existing file. I tried to only insert a single row with the following sqlite, but I couldn't get it working.
sqlite3 ~/backup/iOS\ Files/TrustStore.sqlite3
sqlite3>.mode insert
sqlite3>.output working.sql
sqlite3>select * from tsettings;
sqlite3>.quit
Now, working.sql
has the entire contents of the tsettings table (in my case, 1 row).
sqlite3 ~/Library/Application\ Support/iPhone\ Simulator/6.0/Library/Keychains/TrustStore.sqlite3
sqlite3>INSERT INTO tsettings VALUES(X'...
sqlite3>.quit
Again, the above sqlite commands didn't work for me, but might be a good starting point for someone else. Copying the entire TrustStore.sqlite3
from the backup into the simulator worked just fine.
Take a look at the iostrust
Ruby gem: http://github.com/yageek/iostrust
When I started I couldn't get "Enable Full Trust for Root Certificate" to show up. I was using the certs I generated for nginx with openssl.
What worked was exporting the development cert from Keychain Access and downloading that with Safari in the simulator. Then the "Enable Full Trust for Root Certificate" showed up and I was able to get my application working.
Also, like people above have said dragging and dropping the cert on to the simulator doesn't work anymore. You can download the cert with Safari.
精彩评论