验证VPN Conection的P12证书

Question

我想通过使用网络扩展框架的代码连接Vpn。

我有一个P12证书，使VPN连接也是一个根CA（Crt）证书来验证P12证书。

我的问题是以编程方式验证P12证书。

我正在使用以下代码连接到VPN。

 let p = NEVPNProtocolIKEv2()

        p.authenticationMethod = NEVPNIKEAuthenticationMethod.None
        p.useExtendedAuthentication = true
        p.serverAddress = "102.xxx.xxx.xx"
        p.remoteIdentifier = "102.xxx.xxx.xx"
        p.disconnectOnSleep = false
        p.deadPeerDetectionRate = NEVPNIKEv2DeadPeerDetectionRate.Medium
        // TODO: Add an option into config page

        manager.localizedDescription = "VPN On - \(title)"

        if let grp = group {
            p.localIdentifier = grp
        } else {
            p.localIdentifier = "VPN"
        }

        if let username = account {
            p.username = username
        }



        if let certficiateData = certificate {
            p.authenticationMethod = NEVPNIKEAuthenticationMethod.Certificate
            p.serverCertificateCommonName = server
            p.serverCertificateIssuerCommonName = "Root-CA"
            if #available(iOSApplicationExtension 8.3, *) {
                p.certificateType = NEVPNIKEv2CertificateType.RSA
            } else {
                // Fallback on earlier versions
            }


// Here i Provide Certificate Data . 

                   let rootCertPath = NSBundle.mainBundle().pathForResource("certificate", ofType: "p12")
                    let certficiateData  = NSData(contentsOfFile: rootCertPath!)

// I need to verify above P12 Certificate with rootCA.crt  before Passing to identityData 

            p.identityData = certficiateData
        }

        manager.enabled = true
        manager.`protocol` = p