#StackBounty: #ios #ssl-certificate #ios12 #ssl-client-authentication create iOS 12 NWConnection that uses client cert

Bounty: 50

I’m trying to set up an NWConnection that does client side certs:

self.connection = NWConnection(
    host: NWEndpoint.Host("servername"),
    port: NWEndpoint.Port(integerLiteral: 8899),
    using: .tls)

But I think that simple .tls class var needs to be a much more involved NWParameters object, but I’m at a complete loss (documentation is pretty sparse) as to what I create there to attach the client certs to the parameters. Nor do I know how I even move from .crt/.pem file to something the app manages programatically.

What is an example of how one would configure the NWParameters to support the client certs?

Context

I’m trying to set up a client connection to communicate with an MQTT broker using client side certificates. I’ve been able to proof-of-concept this all on the Linux side using command line. The MQTT broker is set to require client cert, and a command like:

mosquitto_pub -h servername -p 8899 -t 1234/2/Q/8 -m myMessage --cafile myChain.crt --cert client.crt --key client.pem

does the job nicely. But OpenSSL is enough a black box (to me) on iOS that I don’t know where to go from here. I have been able to get all of the other MQTT communications work with my NWConnection instances, including server side TLS and even if it’s self signed.


Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.