diff --git a/README.md b/README.md index 36257b664..00196e29c 100644 --- a/README.md +++ b/README.md @@ -143,15 +143,6 @@ The best way to interact with our team is through GitHub. If you have a support plan with [AWS Support](https://aws.amazon.com/premiumsupport/), you can also create a new support case. -#### Mac-Only TLS Behavior - -Please note that on Mac, once a private key is used with a certificate, that certificate-key pair is imported into the Mac Keychain. All subsequent uses of that certificate will use the stored private key and ignore anything passed in programmatically. Beginning in v1.7.3, when a stored private key from the Keychain is used, the following will be logged at the "info" log level: - -``` -static: certificate has an existing certificate-key pair that was previously imported into the Keychain. - Using key from Keychain instead of the one provided. -``` - ## Resources Check out our resources for additional guidance too before opening an issue: diff --git a/crt/aws-crt-cpp b/crt/aws-crt-cpp index 996c520d3..b6417662c 160000 --- a/crt/aws-crt-cpp +++ b/crt/aws-crt-cpp @@ -1 +1 @@ -Subproject commit 996c520d39b665304c8f376d2d72b339a5451034 +Subproject commit b6417662c0254f7fac5382d080a4dacd78e4afca diff --git a/documents/FAQ.md b/documents/FAQ.md index dfd192ab7..c9e891718 100644 --- a/documents/FAQ.md +++ b/documents/FAQ.md @@ -13,6 +13,7 @@ * [How to debug in VSCode?](#how-to-debug-in-vscode) * [What certificates do I need?](#what-certificates-do-i-need) * [Where can I find MQTT 311 Samples?](#where-can-i-find-mqtt-311-samples) +* [Certificate and Private Key Usage Across Different Versions of the SDK on macOS](#certificate-and-private-key-usage-across-different-versions-of-the-sdk-on-macos) * [I still have more questions about this sdk?](#i-still-have-more-questions-about-this-sdk) ### Where should I start? @@ -173,6 +174,9 @@ Here is an example launch.json file to run the x509 pubsub sample: * You should have generated/downloaded private and public keys that will be used to verify that communications are coming from you * When using samples you only need the private key and it will look like this: `--key abcde12345-private.pem.key` +### Certificate and Private Key Usage Across Different Versions of the SDK on macOS +A certificate and private key pair cannot be shared on a macOS device between aws-iot-device-sdk-cpp-v2 v1.41.0 and an earlier version. In the update to v1.41.0 we migrated macOS from using Apple's deprecated Security Framework to SecItem API. In doing so, certificate and private keys are imported in a non-backwards compatible manner into the Apple Keychain. + ### Where can I find MQTT 3.1.1 Samples? The MQTT 3.1.1 samples can be found in the v1.40.0 samples folder [here](https://github.com/aws/aws-iot-device-sdk-cpp-v2/tree/v1.40.0/samples)