IoTDataManager Connection with x509 and Private Key provided at run-time #5300
Comments
Hi @michael-aiphone, thanks for opening this question. I'm not too familiar with the IoT APIs myself but if you could provide us more details as to what you'd expect it to look like when using the AWSIoTManager/AWSIoTDataManager, such as what inputs you are looking to provide it, what it should do, code examples, we may be able to provide more guidance on the topic.
Thank you for getting back to me on this so swiftly 😁. This is the crux of what I have currently:
App Delegate
View Controller
A nice to have for me would be some function on the AWSIoTManager that imports an identity via a x509 cert and private key. This would still allow me to use the same .connect method on the iotDataManager. Something like:
But maybe there is already a way to do this that I cannot seem to find in the documentation, I'm just not sure. 😅
Hi @michael-aiphone, thanks for the additional details. I found this sample https://github.com/awslabs/aws-sdk-ios-samples/blob/main/IoT-Sample/Swift/README.md which seems to reference some pre-build time steps to add a cert
I'm not too sure of all the details at the moment, but this does seem to imply that AWSIoTManager may be reading the cert from the main Bundle. Are you currently implementing or have implemented a
To clarify, the code above is the solution where the identity is included in bundle. The steps I did are outlined as follows. What I can currently do and confirmed that it works: (and what the tutorials show)
The issue I am trying to solve:
Summary
I am wondering if there is a way that I can manually create an identity from those X509 credentials and add it to KeyChain and then call the .connect() method (since the connect method requires the cert be in KeyChain). If this is possible, what would I use for the certId? -- (in the provided p12 import the cert id was the relative path) -- Or would it be possible to add a new method to the library that will create and add an identity to the keychain from that format? Another alternative would be a different .connect() method that allows me to provide those credentials at runtime.
For further context, my Android colleague is using the SDK for Java and says they include a method for Android to provide the credentials like the following. In this snippet we can see they are using a builder pattern, so admittedly it is a bit different, but it does allow for providing the credentials from X509 string data. In essence, I am looking to replicate this functionality on the iOS side in whatever way is possible/best, with the stipulation that I cannot include the certificate information in the app bundle.
Android doing what I want my iOS to do
Thanks for reading this short novel :)
@lawmicha
Hi @michael-aiphone, I am not familiar with AWS IoT, but upon reviewing the declaration of
State your question
I am new to the AWS ecosystem, this framework and IoT communication in general so please forgive me if I confuse some terminology here.
After following the IoT tutorials, I was able to establish communication with a test AWS IoT Thing using a bundled p12 cert via AWSIoTManager.importIdentity(...) and AWSIoTDataManager.connect(withClientId: cleanSession: certificateId).
However, due to some quirky legacy APIs that my client is working with, I will be getting the certificate (x509 format) information and private key at runtime from the server. Is there some convenient way I can configure my AWSIoTManager/AWSIoTDataManager to handle this need without having to resort to something like finding a good copy of openSSL and converting the format on the fly or...?
Which AWS Services are you utilizing?
AWS IoT
Provide code snippets (if applicable)
Environment (please complete the following information):
AWSiOSSDKV2 2.35.0
SPM (/aws-sdk-ios-spm)
5.0
Device Information (please complete the following information):
Simulator -> iPhone 15