Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Does not work with macOS in Terminal #55

Open
alexisoyama opened this issue Aug 20, 2018 · 6 comments
Open

Does not work with macOS in Terminal #55

alexisoyama opened this issue Aug 20, 2018 · 6 comments

Comments

@alexisoyama
Copy link

alexisoyama commented Aug 20, 2018
edited
Loading

After digging through the code and documentation, I learned that
SSLService.Configuration(withChainFilePath ... is the only supported method on macOS. This wasn't clear to me from the README, but this PKCS12 method is also not working for me.

When I try to connect, it gives me an error:
Error code: 2(0x2), ERROR: Could not load content of PKCS12 file

Here is my code:

let config = SSLService.Configuration(withChainFilePath: "cert/cert.pfx",
                                  withPassword: "password",
                                  usingSelfSignedCerts: true)
socket.delegate = try SSLService(usingConfiguration: config)
try socket.connect(to: "https://----", port: XXXX)

I thought it could've been my certificate so I've also tried generating PKCS12 from following this blog but gave me the same error
https://developer.ibm.com/swift/2016/09/22/securing-kitura-part-1-enabling-ssltls-on-your-swift-server/
@billabt
Copy link
Collaborator

billabt commented Aug 21, 2018

This looks like the certificate you're looking to load is not being found on the path provided. Try passing in a complete fully qualified pathname. I ran some tests here and all seems to be working however, I was able to reproduce the error when I changed the path to a different place. Let me know how you make out.

@alexisoyama
Copy link
Author

alexisoyama commented Aug 21, 2018
edited
Loading

In that case it will throw Certificate chain doesn't exist at specified path error instead.
I tried with a full path and I get a same error.

@alexisoyama
Copy link
Author

alexisoyama commented Aug 21, 2018
edited
Loading

Actually I just ran it on Xcode and it works. It doesn't work when the program is ran directly from the shell, which is what I need. The error seems to be similar to this one: #32

Do you know anything about Keychain Access usage when running this from the terminal?
I've noticed that when I run it in Xcode, it gives me a popup that asks for access to Keychain. Not sure how this will work standalone..

@alexisoyama alexisoyama changed the title Does not work with macOS Does not work with macOS in Terminal Aug 21, 2018
@billabt
Copy link
Collaborator

billabt commented Aug 23, 2018

The difference between running it on the terminal and in Xcode primarily has to do with the path. I suggest that you use the fully qualified pathname of the certificate. Then execute the following commands from the terminal:

security unlock-keychain
security import <full path of certificate> -f pkcs12 -P <password for certificate> -T <full path of the application>

Let me know how you make out...

@alexisoyama
Copy link
Author

Thanks for getting back. Yes I'm using the full path. I tried the above commands but it didn't work. I need to run this program as sudo and that might be causing some problems too. I've also ran the above commands with sudo as well.

@billabt
Copy link
Collaborator

billabt commented Oct 16, 2018

Are you still having this problem? Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alexisoyama @billabt