Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
How to fetch the expiry date from PKCS12 certificate using iOS security framework?
Alternately can I use openssl? if yes, please point me towards relevant API’s
Thanks
Great question! If I were doing this coding, I would first try to think of a solution using Keychain Services.
First, you’d need to fetch the keychain item. Say, via `SecItemCopyMatching()’.
This returns a reference to the found items. Preferably a
SecCertificateRef(which is described more in detail in Apple’s Keychain Services Reference guide).I don’t see an easy way to explicitly fetch the metadata (or expiration date) from a
SecCertificateRefoff the top of my head. There’s a code snippet I found on books.google.com from “IOS 5 Programming Pushing the Limits: Developing Extraordinary Mobile Apps” called “Checking Certificate Validity” (pages 218 & 219 — I’ve linked it for you) which basically checks to see if a certificate allows usage based on matching keys (in their example, it’s the subject or domain name; for you, it would be the expiration date). Their technique may help you out.As for using OpenSSL, I found an answer where you can come up with the expiration date from the command line using the openssl tool. If you can get a handle to your certificate, I’m pretty certain this can be done programmatically as well.