Authenticating an HTTP Request with Client Certificates in iOS

February 07, 2013 // Tagged in: technology, software, mobile, iOS, http, objective-c

I'm writing an app that uses a client-certificate to authenticate while performing a SOAP request. Unfortunately, I'm writing this app in PhoneGap, and the iOS WebView does not support Client Certificates for AJAX requests. I found some various sources of code and examples for doing this, but it took quite a bit of work to get the final result, so I wanted to post my code and explain how I made it work. I wrote this as a PhoneGap plugin, so I can call the method from javascript, and have the result returned (via a callback function) in the normal PhoneGap plugin style, but I suppose this could be used for any client-certificate authenticated request in a native iOS app. Here's the important code:

The options object contains my url (host) and my soap request (an xml string data)

Then I have NSURLConnection Delegate Methods to receive the response. One in particular, didReceiveAuthenticationChallenge is where I handle the client-certificate.

Then, We need extractIdentity to pull the identity out of a certificate

Blam! That was the hardest part. From there, just use your other NSURLConnection delegate methods to handle the connection states and events. See my full code below for examples.

Edit 3/28/14: Note: I am not an objective-c developer. I was able to work on this at the time due to need, but I probably will not be able to help you debug any issues with it. Feel free to use it and adapt it, with an attribution to me (MIT License, see link below), but you should ask questions on StackOverflow.