Obtain a certificate reference and store it in a password-protected data vault to use for X.509 certificate authentication.
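// Obtain a reference to the certificate store
SUPCertificateStore *certStore = [SUPCertificateStore getDefault];

// Import a certificate from iPhone keychain (into memory).
// The certificate password is a user secret: collect it at the point of use
// and never log it or persist it in plain text.
NSString *label = ...;    // ask user to select a label
NSString *password = ...; // ask the user for a password
SUPLoginCertificate *cert = [certStore getSignedCertificate:label withPassword:password];

// Alternate code: import a certificate blob from the server into memory
// (server must be specially configured for this). Use this INSTEAD of the
// keychain import above; both variants declare `cert`, so only one may be
// compiled in.
//
// NSString *windows_username = ...; // Windows username for fileshare on server where the password is stored
// NSString *windows_password = ...; // Windows password
// NSString *cert_password = ...;    // Password to unlock the certificate
// SUPLoginCertificate *cert = [certStore getSignedCertificateFromServer:windows_username
//                                                     withServerPassword:windows_password
//                                                       withCertPassword:cert_password];

// Lookup or create data vault
NSString *vaultPassword = ...;  // ask user or from O/S protected storage
NSString *vaultName = @"...";   // e.g. @"SAP.CRM.CertificateVault"
// e.g. a hard-coded random GUID. A value compiled into the app can be read by
// anyone who has the binary, so the salt is not a secret: the vault is only
// as strong as vaultPassword.
NSString *vaultSalt = @"...";

// Start from nil so the @finally block is safe even when the lookup/creation throws.
SUPDataVault *vault = nil;
@try {
    // Get vault, or create it if it doesn't exist
    if (![SUPDataVault vaultExists:vaultName]) {
        vault = [SUPDataVault createVault:vaultName withPassword:vaultPassword withSalt:vaultSalt];
    } else {
        vault = [SUPDataVault getVault:vaultName];
    }

    // Save certificate into data vault
    [vault unlock:vaultPassword withSalt:vaultSalt];
    if (cert != nil) {
        [cert save:label withVault:vault];
    } else {
        // NOTE(review): how getSignedCertificate reports failure is not shown
        // here; without this check a nil result makes the save a silent no-op
        // and later certificate authentication fails with no hint why.
        NSLog(@"No certificate was obtained for the selected label; nothing saved to the vault");
    }
}
@catch (NSException *ex) {
    // Do not swallow the failure: a wrong vault password or a missing vault
    // must be surfaced to the caller. Log only the exception name and reason,
    // never the passwords.
    NSLog(@"Storing the certificate in the data vault failed: %@ (%@)", ex.name, ex.reason);
}
@finally {
    // Make sure vault is locked even if an error occurs
    // (messaging nil is a no-op when the vault was never obtained).
    [vault lock];
}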