Can you use a mobile config to pass a PKCS12 cert to an iOS app?

I added a PKCS12 file to the Certificates section of the mobileconfig using Apple Configurator. I've installed the profile on the device but I can't see how I can access this cert. I want to use it to response to a NSURLAuthenticationMethodClientCertificate challenge.

Is it possible for an iOS app to get access to the cert this way?

Can you use a mobile config to pass a PKCS12 cert to an iOS app?

No.

This is an ongoing source of annoyance to enterprise developers. I have more details here.

Probably the only thing I’d change in that post is that there’s no need to file another ER for this. I’m confident that the relevant folks fully understand the issue.

There are various ways around this, for example, the idea I discuss here.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hi Quinn,

Thanks for your answer and those links.

My app is a VPN app and the cert is packaged with the profile (mobile config). It's used by for some API calls to configure the VPN.

Does that seem like a reasonable use case to create a DTS Tech support ticket for access to the com.apple.managed.vpn.shared keychain group? I'm assuming access would solve my problem.

Thanks for all your help.

Do I need to create a DTS support ticket to get the com.apple.managed.vpn.shared entitlement?

Yes. See point #9 in Network Extension Framework Entitlements.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Can you use a mobile config to pass a PKCS12 cert to an iOS app?
 
 
Q