Does SecTrustEvaluate() look for root certificates in the application keychain?

Question

The docs say: “If not all the certificates needed to verify the leaf certificate are included in the trust management object, then SecTrustEvaluate searches for certificates

Answer 1

eskimo1 from Apple Devforums answered this so:

1. Does SecTrustEvaluate() look for root certificates in the application keychain?

Not by default. However, it's easy to make it do this by getting the certificates out of your keychain (or from wherever) and applying them to the SecTrust object using SecTrustSetAnchorCertificates.

SecTrustEvaluation /will/ find intermediate certificates in your keychain.