IceTouch and client certificates

grembogrembo Michael GmelinOrganization: Grem Equity GmbHProject: E-Commerce platformMember
Hi,

Reading the documentation it seems like the client certificates used in IceTouch are loaded from the application bundle. Does that mean that there can be only one client certificate per deployment of an app, or is it possible to use client certificates stored on the iPhone (like you can send to the phone via Email or even better push onto the phone using the iPhone configuration utility). We're planing on using client certificates to authenticate clients (like we do in all of our other client services) and been wondering, if this is an actual option.

br
Michael

Comments

  • benoitbenoit Rennes, FranceBenoit FoucherOrganization: ZeroC, Inc.Project: IceAdministrators, ZeroC Staff ZeroC Staff
    Hi Michael,

    I don't think it's currently possible to use certificates installed by the iPhone Configuration utility or by the user through email. I will add this to our TODO list.

    If you have a commercial need or would like to sponsor the addition of this feature please contact us at [email protected]

    Cheers,
    Benoit.
  • grembogrembo Michael GmelinOrganization: Grem Equity GmbHProject: E-Commerce platformMember
    Hi Benoit,

    right now I'm evaluating if we should use Ice for our in-house solutions (these are Apps that will never hit Apple's App Store because they're only used within our organization). Right now we do all authentication within the enterprise through personalized x509 client certificates, so it would seem natural to use this approach for iPhone applications as well - using a certificate from within the application bundle clearly is designed for a different use case. I assume that IceTouch has a similar license as "normal" Ice, so it should be possible for us to poke around in the source and see if we can add this on our own - I prefer donating source code over money, cause for source it's much easier to get management approval for ;). In general I consider this a must have feature in an enterprise environment - for consumer apps in contrast nobody will ever use this feature I guess.

    cheers
    Michael
Sign In or Register to comment.