@@ -400,29 +400,26 @@ public func installApp(from ipaURL: URL) throws {
400400 var tlsIdentity : sec_identity_t ? = nil
401401 var tlsEnabled = false
402402 let p12URL = sslDir. appendingPathComponent ( " localhost.p12 " )
403- let p12PasswordURL = sslDir. appendingPathComponent ( " p12_password.txt " )
404403
405404 if fm. fileExists ( atPath: p12URL. path) {
406- // try to read password (if provided)
407- var p12Pass : String ? = nil
408- if fm. fileExists ( atPath: p12PasswordURL. path) {
409- p12Pass = try ? String ( contentsOf: p12PasswordURL, encoding: . utf8) . trimmingCharacters ( in: . whitespacesAndNewlines)
410- }
411-
412405 if let pData = try ? Data ( contentsOf: p12URL) {
413- let options : CFDictionary = [ kSecImportExportPassphrase as String : p12Pass ?? " " ] as CFDictionary
406+ // PKCS#12 has no password; pass empty string
407+ let options : CFDictionary = [ kSecImportExportPassphrase as String : " " ] as CFDictionary
414408 var items : CFArray ? = nil
415409 let status = SecPKCS12Import ( pData as CFData , options, & items)
416- if status == errSecSuccess, let arr = items as? [ [ String : Any ] ] , let first = arr. first,
417- let identityRef = first [ kSecImportItemIdentity as String ] as? SecIdentity {
410+ if status == errSecSuccess,
411+ let arr = items as? [ [ String : Any ] ] ,
412+ let first = arr. first,
413+ let identityRef = first [ kSecImportItemIdentity as String ] as? SecIdentity
414+ {
418415 // convert to sec_identity_t for sec_protocol_options_set_local_identity
419416 if let secId = sec_identity_create ( identityRef) {
420417 tlsIdentity = secId
421418 tlsEnabled = true
422419 // NOTE: Do NOT free sec_identity_t here; leave it for the listener while running.
423420 }
424421 } else {
425- print ( " PKCS12 import failed or password incorrect (status \( status) ). Will start HTTP only. " )
422+ print ( " PKCS12 import failed (status \( status) ). Will start HTTP only. " )
426423 }
427424 }
428425 }
0 commit comments