I'm trying to figure out what exactly means the status code errSecDuplicateItem
for the SecItemAdd
method when trying to add a certificate identity to the iOS keychain.
Reading the iOS documentation, it only says that this status code means the item is duplicated in the keychain, but what is the criteria to determine if an identity is a duplicate? Issuer name? Expiration date? Both?
If you read to the Mac OSX documentation, the discussion section for a similar method says the following:
If the certificate has already been added to the specified keychain, the function returns errSecDuplicateItem and does not add another copy to the keychain. The function looks at the certificate data, not at the certificate object, to determine whether the certificate is a duplicate. It considers two certificates to be duplicates if they have the same primary key attributes.
I know there is a difference, I'm trying to save the certificate identity in the keychain, and this discussion is for the SecCertificateAddToKeychain
method which saves the certificate; but I believe there is a connection.
What's the meaning of "primary keys attributes"
?
I tried adding the same identity twice and of course I get the errSecDuplicateItem
, but I'm afraid that users may get an error if they want to update the certificate in someway I'm not considering.
Any thoughts?
Thanks in advance