How to verify a x509 certificate from Apple on a Ubuntu server?
I'm trying to verify GameCenter authentication on an iOS app with GameKit. The fetchItems API returns a URL for the public key needed to do this.
Steps 3 and 4 of that API say:
- Use the publicKeyURL on the third-party server to download the public key.
- Verify with the appropriate signing authority that Apple signed the public key.
The public key URL I usually get is https://static.gc.apple.com/public-key/gc-prod-5.cer.
On my Mac, I simply download this cert and call X509Certificate2.Verify() in C#, and it returns true. However, calling this function on an Ubuntu server returns false. The error message I get on the server from X509Chain is:
Status information: unable to get local issuer certificate
The cert in question appears to be CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US.
How do I get this cert on my Ubuntu server, so that I can verify the public key from Apple? Is there a common registry of certs where I can download it?
