我目前正在使用SocketRocket作为我的iOS应用程序的WebSocket实现,并希望将我的服务器CA作为具有SR_SSLPinnedCertificates属性的可信证书.我正在寻找一个加载一个或多个证书以传递到SocketRocket的好例子.我有以下代码可以工作,但我不确定它是否正确或是否有更直接的方法.
CFArrayRef keyref = NULL;
NSString *path = [[NSBundle mainBundle] pathForResource:@"certificate" ofType:@"p12"];
NSData *data = [[NSData alloc] initWithContentsOfFile:path];
OSStatus status = SecPKCS12Import((__bridge CFDataRef)data, (__bridge CFDictionaryRef)[NSDictionary dictionaryWithObject:@"eftl_key_pass" forKey:(__bridge id)kSecImportExportPassphrase], &keyref);
if (status == noErr) {
CFDictionaryRef identityDict = CFArrayGetValueAtIndex(keyref, 0);
SecIdentityRef identityRef = (SecIdentityRef)CFDictionaryGetValue(identityDict, kSecImportItemIdentity);
SecCertificateRef certRef = NULL;
SecIdentityCopyCertificate(identityRef, &certRef);
}