2

我想通过代码使用网络扩展框架连接 Vpn。

我有一个 P12 证书来进行 VPN 连接,还有一个 Root CA (Crt) 证书来验证 P12 证书。

我的问题是以编程方式验证 P12 证书。

我正在使用下面的代码连接到 VPN。

 let p = NEVPNProtocolIKEv2()

        p.authenticationMethod = NEVPNIKEAuthenticationMethod.None
        p.useExtendedAuthentication = true
        p.serverAddress = "102.xxx.xxx.xx"
        p.remoteIdentifier = "102.xxx.xxx.xx"
        p.disconnectOnSleep = false
        p.deadPeerDetectionRate = NEVPNIKEv2DeadPeerDetectionRate.Medium
        // TODO: Add an option into config page

        manager.localizedDescription = "VPN On - \(title)"

        if let grp = group {
            p.localIdentifier = grp
        } else {
            p.localIdentifier = "VPN"
        }

        if let username = account {
            p.username = username
        }



        if let certficiateData = certificate {
            p.authenticationMethod = NEVPNIKEAuthenticationMethod.Certificate
            p.serverCertificateCommonName = server
            p.serverCertificateIssuerCommonName = "Root-CA"
            if #available(iOSApplicationExtension 8.3, *) {
                p.certificateType = NEVPNIKEv2CertificateType.RSA
            } else {
                // Fallback on earlier versions
            }


// Here i Provide Certificate Data . 

                   let rootCertPath = NSBundle.mainBundle().pathForResource("certificate", ofType: "p12")
                    let certficiateData  = NSData(contentsOfFile: rootCertPath!)

// I need to verify above P12 Certificate with rootCA.crt  before Passing to identityData 

            p.identityData = certficiateData
        }

        manager.enabled = true
        manager.`protocol` = p
4

0 回答 0