I am creating an application that needs to access the SOAP API, and I need to implement XML encryption for WS-Security. Therefore, each copy of the application must generate its own certificates for this. Now the API can also act as a certification authority (CA). So what I need to do is:
- create a client certificate on the device
- generate a certificate signing request and send it via the API to the server
- get a signed certificate through the API in response to a previous request
- the server API should then use my public key (which it received via CSR) and use it to encrypt

Is this scenario possible? I am thinking about using the openssl library, as it can be ported to the iPhone.
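The enrollment flow listed in the question, walked through with the openssl command line as an added example (not part of the original post). The CA is a local stand-in for the API's CA, and the subject names, file names and wrapped value are constructed placeholders.

```shell
#!/bin/sh
# Added example: CSR enrollment, then encryption to the enrolled public key.
# Every name and value below is a constructed placeholder.

enroll_demo() {
    work=$(mktemp -d) || return 1
    rc=0
    (
        cd "$work" &&
        # Stand-in for the API's CA. In the real flow ca.key exists only on the server.
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo API CA" \
            -keyout ca.key -out ca.crt >/dev/null 2>&1 &&

        # Device: generate the key pair and the CSR. device.key never leaves the device.
        openssl req -new -newkey rsa:2048 -nodes -subj "/CN=device-0001" \
            -keyout device.key -out device.csr >/dev/null 2>&1 &&

        # Server: check the CSR self-signature (proof the sender holds the private key).
        openssl req -in device.csr -noout -verify >/dev/null 2>&1 &&

        # Server: sign the CSR and return device.crt through the API.
        openssl x509 -req -in device.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
            -days 30 -out device.crt >/dev/null 2>&1 &&

        # Device: accept the certificate only if it chains to the expected CA
        # and carries the public key that belongs to the local private key.
        openssl verify -CAfile ca.crt device.crt >/dev/null 2>&1 &&
        [ "$(openssl x509 -in device.crt -noout -pubkey)" = \
          "$(openssl pkey -in device.key -pubout)" ] &&

        # Server: encrypt to the public key in the certificate (RSA-OAEP).
        # RSA can only wrap a short value, so this is a symmetric key, not the payload.
        printf 'constructed-session-key' > wrap.in &&
        openssl pkeyutl -encrypt -certin -inkey device.crt \
            -pkeyopt rsa_padding_mode:oaep -in wrap.in -out wrap.enc &&

        # Device: recover the wrapped key with the private key; plaintext goes to stdout.
        openssl pkeyutl -decrypt -inkey device.key \
            -pkeyopt rsa_padding_mode:oaep -in wrap.enc
    ) || rc=$?
    rm -rf "$work"
    return "$rc"
}

recovered=$(enroll_demo) && echo "device recovered: $recovered"
```

The same steps map onto the OpenSSL C API when the library is embedded in the application instead of invoked as a command.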