Current location - Quotes Website - Signature design - IOSDM details (3)- generate mobileconfig configuration file and signature
IOSDM details (3)- generate mobileconfig configuration file and signature
For example:

There are two ways to make configuration files: iPhone configuration tool and handwritten XML file. I use the former for the convenience of operation (online it is said that this has been abandoned by Apple, and it seems that it will not affect the file generation).

Open File-Create a new configuration file, mainly involving the following configurations:

At this point, the configuration settings are basically completed. When saving or exporting, you will be prompted to sign the configuration file. Just select None.

We can directly modify this XML file, according to which other required fields can be added to the profile reference. You can also modify it yourself on this basis (it is estimated that it is easy to miss or make mistakes). I still prefer to operate it more conveniently in the iPhone configuration tool.

The configuration file generated above can actually be installed directly on the device. If the installation is successful, the following red prompt "unsigned" will appear.

Signing goes through two operations, one is MDM server signing. Second, sign with the certificate issued by Apple.

The following certificate files are required:

Can be executed at the terminal: OpenSSL mime-sign-in unsigned. Mobile config- external signature. Mobile config- signing server. CRT-inkyserver。 Key-certificate file certificate-chain. Cathode ray tube-transformer-node connection.

(The above is the operation flow of Java background signature, which I didn't verify, so I put it here as a summary of the operation steps).

I guess MDM Sever's signature is only for the authentication of the client and the description of the encryption process of the file, just to let them know each other, and it has nothing to do with whether the iOS system recognizes it or not. So after the above operation, it will also prompt' unsigned'. (This operation can be omitted in the actual test).

The following actions are referenced from the network.

There are several options for this operation, and here I use script signature.

With the help of the powerful github, we found a python script to sign.

1. Sign the mobile configuration.

Profile_signer.py is placed in the same directory as mobileconfig, and the terminal enters this directory for execution.

. /profile_signer.py -n "third-party Mac developer application" signature acrobat pro. mobileconfiguration acrobat pro signed. mobileconfiguration

2. Encrypt mobileconfig

. /profile_signer.py -n "third-party Mac developer application" encrypts Acrobat Pro. MobileConfig Acrobat Pro NC. MobileConfig.

3. Sign and encrypt mobileconfig.

. /profile_signer.py -n "third-party Mac developer application" acrobat pro.mobileconfiguration acrobat probot.mobileconfiguration

"Third-party MAC developer application" is the full name of your certificate in the keychain. Select Certificate => Display Introduction => Copy the quoted common names, such as

"iPhone developer: jakey Shao xxxx@xxx.com"

"iPhone Distribution: tian hu Network Technology Co., Ltd."

669111-ee9c-4db7-bfce-6564cc1b4e1a If you can read the certificate correctly, you will be prompted to allow access to the keychain. Click Allow!

The final installation prompt has been verified.

Related articles
  • Is kt7 a blank rubber sole?
  • Why do the old players in Genshin Impact like to bring in new players?
  • A person likes to look up at the starry night sky alone - sad QQ talk
  • Sad sentences suitable for signature
  • How to evaluate Liu Shishi
  • Which NBA superstars are the most popular in China?
  • What are those strange words typed by some people on the Internet?
  • Example of school traffic safety commitment letter
  • Performance balance+extreme workmanship +5.5-inch screen Huawei G7 evaluation
  • Which school is good for Hunan self-taught financial undergraduate course?

    • copyright 2024 Quotes Website All rights reserved