Print View

How to trust an untrusted Certificate Authority in an iOS 3 application


iOS 3 has a limited number of Trusted Root Certificate Authorities as detailed here:

It is possible to install additional Trusted Root Certificate Authorities using the iPhone Configuration Utility, however this will only affect the Safari web browser, and not calls done from within an application such as NSURLConnection sendSynchronousRequest.

The other issue is that Intermediate Certificate Authorities are not supported.


The root or intermediate certificate must be trusted from within the application:

float version = [[[UIDevice currentDevice] systemVersion] floatValue];
if (version < 4) {
    // iPhone 3.0 code here
    NSString *          path;
    NSData *            data;
    SecCertificateRef   cert;
    path = [[NSBundle mainBundle] pathForResource:@"GeoTrustDVSSLCA" ofType:@"cer"];
    data = [NSData dataWithContentsOfFile:path];
    cert = SecCertificateCreateWithData(NULL, (CFDataRef) data);
    SecItemAdd((CFDictionaryRef) [NSDictionary dictionaryWithObjectsAndKeys:(id) kSecClassCertificate,  kSecClass, cert, kSecValueRef, nil], NULL);


iOS 3.x: List of available trusted root certificates

Importing an SSL cert under the iPhone SDK


Apple iOS 3.1.3

Created: 7th January 2012
Updated: 7th January 2012

Print View

© 2005-2024 Jamie Morrison