Technical Q&A QA1360

Describing the kSecTrustResultUnspecified error.

Q: I am receiving a kSecTrustResultUnspecified (4) error while checking the validity of certificates that I know to be valid, what does this mean?

A: The semantics behind receiving a kSecTrustResultUnspecified (4) error from Security APIs is that the certificate is indeed valid. However, the user has not explicitly set the trust settings for the certificate via Keychain Access. If the user then sets an explicit trust setting, e.g. "always trust" or "never trust" in the UI, then you should receive kSecTrustResultProceed, kSecTrustResultConfirm or kSecTrustResultDeny instead of kSecTrustResultUnspecified when making Security API calls to validate the certificate.

Note: If the certificate is invalid kSecTrustResultUnspecified can never be returned. Only kSecTrustResultFatalTrustFailure, kSecTrustResultRecoverableTrustFailure, or kSecTrustResultOtherError will be returned.

Document Revision History

Date	Notes
2007-02-05	First Version

Posted: 2007-02-05

Did this document help you?
Yes: Tell us what works for you. It’s good, but: Report typos, inaccuracies, and so forth. It wasn’t helpful: Tell us what would have helped.


ADC Home > Reference Library > Technical Q&As > Security > Authentication >

Technical Q&A QA1360 Describing the kSecTrustResultUnspecified error.

Q: I am receiving a kSecTrustResultUnspecified (4) error while checking the validity of certificates that I know to be valid, what does this mean?

Document Revision History

Technical Q&A QA1360

Describing the kSecTrustResultUnspecified error.