cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Kapsel AuthProxy read client cert from store

Go to solution
former_member202810
Explorer

on ‎04-29-2015 9:33 AM

0 Kudos

Hello Friends,

A quick one on the auth proxy- it provides an api method "certificatefromstore" to retrieve client cents from system store ( eg. iOS keychain). However the arguments, it takes is only an alias name to locate the cert? iOS keychain values can be accessed through a key and service pair only- just wondering if anyone has tried this and did it work .Where do we get the alias name from? The Cordova plugin for keychain does not seem to work as well to retrieve the clientcert from iOS keychain Any thoughts?

Regards,

Brijesh

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

midhun_vp
Active Contributor
‎04-29-2015 6:49 PM
0 Kudos

Hi Brijesh,

I assume that the alias name is the certificate name. Name of the certificate that you installed on the device.

var cert = new.sap.AuthProxy.CertificateFromStore("SAPCertificate");

Regards,Midhun

SAP Technology RIG

Show replies
Show replies
former_member202810
Explorer
‎04-29-2015 8:35 PM
0 Kudos

Yes, that seems to be the case- I figured out the same after struggling a while! Ideally there should not be any hard binding to locate a cert based on its aliases. Each user cert may have different aliases. For e.g. the client that I work for generates client user certs through an app on the device ( App-->CSR-->SCEP-->CA--->Cerificate received from CA and stored in a shared keychain with Active Directory user Login name). In this case, each user cert has a different name specific to their login!

One should be able to locate certs on iOS app keychain or shared keychains with a key/value pair. The cordova plugin for Keychain uses a similar key/value pair concept to locate the cert- although I had to modify a bit of the plugin code to retrieve the certificate identity (SecIdentityRef) and pass it to SMP for registration. The current version of the Cordova keychain plugin does not seem to work with SAPUI5. ( or may be I could not get it working!)

Nevertheless, many thanks for your help Midhun.

Regards,

Brijesh

Answers (0)

Ask a Question