Can't extract certificate (Error -26275)


I have a UIWebView with NSURLConnection support. I want to add a certificate. When I try to extract the identity and trust from the certificate, OSStatus returns error -26275. Do you have any ideas how to make it right? Here's the code:

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
    NSError *error = nil;
    // Load the bundled certificate file and hand its raw bytes to the import helper.
    NSString *path = [[NSBundle mainBundle] pathForResource:[@"xxxx.pem" stringByDeletingPathExtension] ofType:[@"xxxx.pem" pathExtension]];
    NSData *certData = [[NSData alloc] initWithContentsOfFile:path options:0 error:&error];
    CFDataRef inP12data = (__bridge CFDataRef)certData;
    SecIdentityRef identity = NULL;
    SecTrustRef trust = NULL;

    OSStatus status = extractIdentityAndTrust(inP12data, &identity, &trust);
    NSLog(@"status %d", (int)status);
    if (status == errSecSuccess) {
        SecCertificateRef certificate;
        SecIdentityCopyCertificate(identity, &certificate);
        const void *certs[] = { certificate };
        // Use the CF type callbacks so the array retains the certificate it holds.
        CFArrayRef certsArray = CFArrayCreate(NULL, certs, 1, &kCFTypeArrayCallBacks);
        NSArray *certificatesForCredential = (__bridge NSArray *)certsArray;
        NSURLCredential *credential = [NSURLCredential credentialWithIdentity:identity
                                                                 certificates:certificatesForCredential
                                                                  persistence:NSURLCredentialPersistencePermanent];
        [challenge.sender useCredential:credential forAuthenticationChallenge:challenge];
        // identity and trust are returned retained by extractIdentityAndTrust.
        CFRelease(identity);
        if (trust) {
            CFRelease(trust);
        }
        CFRelease(certificate);
        CFRelease(certsArray);
    }
    else {
        [challenge.sender cancelAuthenticationChallenge:challenge];
    }
}

and extractIdentityAndTrust function:

OSStatus extractIdentityAndTrust(CFDataRef inPKCS12Data, SecIdentityRef *identity, SecTrustRef *trust) {
    OSStatus securityError = errSecSuccess;

    CFStringRef password = CFSTR("XXXXX");
    const void *keys[] =   { kSecImportExportPassphrase };
    const void *values[] = { password };
    CFDictionaryRef optionsDictionary = CFDictionaryCreate(
                                                           NULL, keys,
                                                           values, 1,
                                                           NULL, NULL);
    // SecPKCS12Import allocates the result array; do not pre-create one (it would leak).
    CFArrayRef items = NULL;
    securityError = SecPKCS12Import(inPKCS12Data,
                                    optionsDictionary,
                                    &items);

    if (securityError == errSecSuccess && items != NULL && CFArrayGetCount(items) > 0) {
        CFDictionaryRef myIdentityAndTrust = CFArrayGetValueAtIndex(items, 0);
        const void *tempIdentity = CFDictionaryGetValue(myIdentityAndTrust,
                                                        kSecImportItemIdentity);
        const void *tempTrust = CFDictionaryGetValue(myIdentityAndTrust, kSecImportItemTrust);
        // Retain the values so they outlive the items array; the caller releases them.
        *identity = tempIdentity ? (SecIdentityRef)CFRetain(tempIdentity) : NULL;
        *trust = tempTrust ? (SecTrustRef)CFRetain(tempTrust) : NULL;
    }

    if (items) {
        CFRelease(items);
    }
    if (optionsDictionary) {
        CFRelease(optionsDictionary);
    }

    return securityError;
}
Best answer

It was a problem with the certificate. I looked into the console in Organizer -> devices -> current device -> Console and I saw:

Could not load download manifest with underlying error: Error Domain=NSURLErrorDomain Code=-1202 "Cannot connect to the Store"

I've just installed the certificate and everything works fine. Here's how:

NSString *rootCertPath = [[NSBundle mainBundle] pathForResource:@"XXXXX" ofType:@"pem"];
NSData *rootCertData = [NSData dataWithContentsOfFile:rootCertPath];

OSStatus err = noErr;
// SecCertificateCreateWithData returns NULL if the data is not a DER-encoded certificate.
SecCertificateRef rootCert = SecCertificateCreateWithData(kCFAllocatorDefault, (__bridge CFDataRef)rootCertData);

CFTypeRef result = NULL;

// Keychain query: add the certificate object as a kSecClassCertificate item.
NSDictionary *dict = [NSDictionary dictionaryWithObjectsAndKeys:
                      (__bridge id)kSecClassCertificate, (__bridge id)kSecClass,
                      (__bridge id)rootCert, (__bridge id)kSecValueRef,
                      nil];

err = SecItemAdd((__bridge CFDictionaryRef)dict, &result);

if (err == noErr) {
    NSLog(@"Install root certificate success");
} else if (err == errSecDuplicateItem) {
    NSLog(@"duplicate root certificate entry");
} else {
    NSLog(@"install root certificate failure");
}

// Balance the Create call above.
if (rootCert) {
    CFRelease(rootCert);
}
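
The question's handler loads a `.pem` resource and passes its bytes to `SecPKCS12Import`, which parses PKCS#12 containers. As an added example (not code from the question or the answer), here is a plain C helper, callable from Objective-C, that classifies a credential file's bytes before an import API is chosen; `classify_blob`, `blob_format` and the sample byte arrays are hypothetical names and constructed data.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef enum { FMT_UNKNOWN, FMT_PEM, FMT_PKCS12, FMT_DER_OTHER } blob_format;

/* Read an ASN.1 length at b[*pos]; 0x80 (BER indefinite) means "rest of buffer". */
static int asn1_len(const unsigned char *b, size_t n, size_t *pos, size_t *len) {
    if (*pos >= n) return -1;
    unsigned char c = b[(*pos)++];
    size_t k = c & 0x7f;
    if (c < 0x80) { *len = c; return 0; }            /* short form */
    if (k == 0) { *len = n - *pos; return 0; }       /* indefinite form */
    if (k > sizeof(size_t) || k > n - *pos) return -1;
    for (*len = 0; k > 0; k--) *len = (*len << 8) | b[(*pos)++];
    return 0;
}

/* Hypothetical helper: decide what kind of file was loaded before importing it. */
blob_format classify_blob(const unsigned char *b, size_t n) {
    static const char armor[] = "-----BEGIN ";
    size_t i = 0, pos = 1, len = 0;
    while (i < n && isspace(b[i])) i++;              /* skip leading whitespace */
    if (n - i >= sizeof armor - 1 && memcmp(b + i, armor, sizeof armor - 1) == 0)
        return FMT_PEM;                              /* text armor, not a binary container */
    if (n < 2 || b[0] != 0x30 || asn1_len(b, n, &pos, &len) != 0 || len > n - pos)
        return FMT_UNKNOWN;                          /* no complete outer SEQUENCE */
    /* PFX ::= SEQUENCE { version INTEGER (3), authSafe ContentInfo, ... } */
    if (n - pos >= 4 && memcmp(b + pos, "\x02\x01\x03\x30", 4) == 0)
        return FMT_PKCS12;
    return FMT_DER_OTHER;                            /* e.g. a bare DER X.509 certificate */
}

/* Constructed samples: structural headers only, not real credentials. */
static const unsigned char SAMPLE_PEM[] = "-----BEGIN CERTIFICATE-----\nMIIB\n";
static const unsigned char SAMPLE_P12[] = {0x30,0x82,0x00,0x06, 0x02,0x01,0x03, 0x30,0x01,0x00};
static const unsigned char SAMPLE_DER[] = {0x30,0x04, 0x30,0x02,0x05,0x00};

int main(void) {
    printf("pem=%d p12=%d der=%d\n",
           classify_blob(SAMPLE_PEM, sizeof SAMPLE_PEM - 1),
           classify_blob(SAMPLE_P12, sizeof SAMPLE_P12),
           classify_blob(SAMPLE_DER, sizeof SAMPLE_DER));
    return 0;
}
```

In an app, the bytes of the loaded `NSData` would be passed in, and only a `FMT_PKCS12` result would go on to `SecPKCS12Import`.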