Hi there!

Does any of you have a clue how to alter the contents of Security.framework/TrustStore.sqlite3? It seems as if the iPhone uses it to store trusted CA certificates. I really want my iPod touch to trust my custom certificate. Besides that, does any of you know an app (win32) to edit sqlite3 database files (except sqliteman, this one always crashes for me :( )?

Thanks in advance, Max

+1  A: 

You can use iPhone Configuration Utility to install certificates.

Chris Lundie
+1  A: 

For the second part of your question, I've used the SQLite extension for Firefox to create and edit sqlite db files.

addons.mozilla.org

koregan
+3  A: 
koregan
A: 

I can imagine that someone else will encounter this problem, therefore I'd like to answer how it works (Apple won't like to see that):

1st) The iPhoneOS trusts every CA certificate stored in /System/Library/Frameworks/Security.framework/TrustStore.sqlite3

2nd) Some fields in that database contain data which I did not understand, while others' meanings, like "SHA1", are quite obvious.

3rd) There are two different TrustStore.sqlite3s on your iPod/iPhone. The second one is located at /private/var/Keychains/TrustStore.sqlite3. The only difference between those is that Apple only trusts the contents of the one in Security.framework.

4th) The latter one is used to store user installed certificates (thanks, koregan), while the table layout is the same.

5th) Open your self-signed certificate using Mail or Safari and install it.

6th) Open /private/var/Keychains/TrustStore.sqlite3 using your favourite SQLite database manager and look for the row in tsettings whose "SHA1" BLOB contains the hash of your CA certificate.

7th) Extract the whole row and insert it into TrustStore.sqlite3's tsettings table.

8th) Make sure you copied the database back to the device, then reboot it.

9th) By now it should totally trust those certificates which are signed by your custom CA.
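The same table can be audited from the defender's side. The following is an added example, not part of the original answer: it opens a pulled copy of a TrustStore.sqlite3 read-only, lists the fingerprints in `tsettings`, and reports any trust anchor that is absent from a known-good baseline copy. It assumes the "SHA1" BLOB is the SHA-1 digest of the DER-encoded certificate; the function names are hypothetical, and the sample stores are constructed stand-ins containing only the `sha1` column named above.

```python
import hashlib
import sqlite3
import tempfile
from contextlib import closing
from pathlib import Path


def fingerprints(db_path):
    """Return the hex SHA-1 values stored in tsettings, opening the file read-only."""
    uri = Path(db_path).resolve().as_uri() + "?mode=ro"
    with closing(sqlite3.connect(uri, uri=True)) as conn:
        rows = conn.execute("SELECT sha1 FROM tsettings").fetchall()
    return {bytes(row[0]).hex() for row in rows}


def added_anchors(store_path, baseline_path):
    """Fingerprints trusted by the pulled store but missing from the baseline."""
    return sorted(fingerprints(store_path) - fingerprints(baseline_path))


def is_anchor(store_path, der_cert):
    """True if the certificate's SHA-1 (assumed: over its DER bytes) is in the store."""
    return hashlib.sha1(der_cert).hexdigest() in fingerprints(store_path)


def build_sample_store(path, der_certs):
    """Constructed stand-in for a trust store: only the sha1 column is modelled."""
    with closing(sqlite3.connect(path)) as conn:
        conn.execute("CREATE TABLE tsettings (sha1 BLOB PRIMARY KEY)")
        conn.executemany(
            "INSERT INTO tsettings (sha1) VALUES (?)",
            [(hashlib.sha1(cert).digest(),) for cert in der_certs],
        )
        conn.commit()


def demo():
    # Constructed byte strings standing in for DER-encoded certificates.
    vendor = [b"constructed-vendor-root-1", b"constructed-vendor-root-2"]
    custom = b"constructed-custom-ca"
    with tempfile.TemporaryDirectory() as tmp:
        baseline = Path(tmp) / "baseline.sqlite3"
        pulled = Path(tmp) / "pulled.sqlite3"
        build_sample_store(baseline, vendor)
        build_sample_store(pulled, vendor + [custom])
        return (added_anchors(pulled, baseline),
                is_anchor(pulled, custom),
                is_anchor(baseline, custom))


if __name__ == "__main__":
    print(demo())
```
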

A: 

See this help video: http://support.citrix.com/article/CTX125655

xoreax