Function

SecTrustCopyExceptions(_:)

Returns an opaque cookie containing exceptions to trust policies that will allow future evaluations of the current certificate to succeed.

Declaration

func SecTrustCopyExceptions(_ trust: SecTrust) -> CFData

Parameters

trust

The evaluated trust management object whose policies you wish to retrieve.

Return Value

An opaque cookie. If you pass this cookie to SecTrustSetExceptions(_:_:), that function sets a list of exceptions for future processing of the certificate. Once this list of exceptions are set, a subsequent call to SecTrustEvaluateWithError(_:_:) for that certificate will return true.

Note: If a new error occurs that did not occur when this function was called originally, the subsequent call to SecTrustEvaluateWithError(_:_:) can still fail. For example, if the certificate expires between calling SecTrustCopyExceptions and SecTrustEvaluateWithError(_:_:), evaluation will fail.

Discussion

Normally this API should only be called after asking the user how to proceed, and even then, only if the user explicitly tells your application to trust the current certificate chain in spite of the errors presented.

See Also

Trust Components

func SecTrustCopyPublicKey(SecTrust) -> SecKey?

Returns the public key for a leaf certificate after it has been evaluated.

func SecTrustGetCertificateCount(SecTrust) -> CFIndex

Returns the number of certificates in an evaluated certificate chain.

func SecTrustGetCertificateAtIndex(SecTrust, CFIndex) -> SecCertificate?

Returns a specific certificate from the certificate chain used to evaluate trust.

func SecTrustGetVerifyTime(SecTrust) -> CFAbsoluteTime

Gets the absolute time against which the certificates in a trust management object are verified.

func SecTrustCopyAnchorCertificates(UnsafeMutablePointer<CFArray?>) -> OSStatus

Retrieves the anchor (root) certificates stored by macOS.

func SecTrustCopyCustomAnchorCertificates(SecTrust, UnsafeMutablePointer<CFArray?>) -> OSStatus

Retrieves the custom anchor certificates, if any, used by a given trust.

func SecTrustCopyPolicies(SecTrust, UnsafeMutablePointer<CFArray?>) -> OSStatus

Retrieves the policies used by a given trust management object.

func SecTrustCopyProperties(SecTrust) -> CFArray?

Returns an array containing the properties of a trust object.