stackoom
  简体   繁体   中英

Retrieve Client ios app certificate

 原文  2013-07-19 15:35:18       ios/ certificate/ burp

Question

I want to proxy traffic from an ios application to Fiddler (or Burp). It looks like the application sends a client certificate to the server.

I will need to retrieve this cert from the phone(it's jailbroken) and import it to my proxy. Is there a way to do that ?

1 answers

solution1
 1  2013-07-19 16:11:22

The client certificate is used to identify the client. If the programmer of the app made his job well, you will face difficulties (hopefully). Likely, and most secure, the private key and identity resides in the key-chain. Less secure, it resides in a secured archive (.p12, .pkcs12, .pfx) in the bundle, whose password resides in the key-chain.

If the programmer did his job not so well, you might find the password of the secured archive in the clear somewhere in the apps binary (there're actually floating samples around which do exactly this).

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to use Client Certificate Authentication in iOS App Using Client SSL Certificate from .mobileconfig within Enterprise iOS app Is it possible to use a client certificate installed on an iOS device within my app? Custom Certificate in iOS App test iOS certificate and app Saving and loading client certificate on iOS Client Certificate on iOS: Best Practices Swift iOS Client Certificate Authentication Client certificate authentication in UIWebView iOS Client Certificate Authentication with Xamarin iOS
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM