Q: I am receiving a kSecTrustResultUnspecified (4) error while checking the validity of certificates that I know to be valid, what does this mean?A: The semantics behind receiving a kSecTrustResultUnspecified (4 ) error from Security APIs is that the certificate is indeed valid. However, the user has not explicitly set the trust settings for the certificate via Keychain Access. If the user then sets an explicit trust setting, e.g. "always trust" or "never trust" in the UI, then you should receive kSecTrustResultProceed, kSecTrustResultConfirm or kSecTrustResultDeny instead of kSecTrustResultUnspecified when making Security API calls to validate the certificate. Note: If the certificate is invalid kSecTrustResultUnspecified can never be returned. Only kSecTrustResultFatalTrustFailure, kSecTrustResultRecoverableTrustFailure, or kSecTrustResultOtherError will be returned. Document Revision HistoryDate | Notes |
---|
2007-02-05 | First Version |
Posted: 2007-02-05
|