Signing iPhone iPhone configuration profile with Ruby on Rails

Question

Signing iPhone iPhone configuration profile with Ruby on Rails

I create a valid iPhone configuration XML profile and deliver it through the Rails page.

I'm trying to figure out how to programmatically sign an x509 XML file so that iPhone recognizes it as a signed profile

This is a good tutorial on signing an iPhone configuration profile http://www.rootmanager.com/iphone-ota-configuration/iphone-ota-setup-with-signed-mobileconfig.html

In particular, for this, an unsigned company.mobileconfig file will be signed on the command line

openssl smime -sign -in company.mobileconfig -out signed.mobileconfig -signer server.crt -inkey server.key -certfile cert-chain.crt -outform der -nodetach

What would be the equivalent command in Ruby on Rails if I have an XML file in line? I can find a lot of documentation about servicing content over the SSL connection with the rails, but not mention signing any content before delivery.

+3

ruby ruby-on-rails iphone openssl

pyromanfo Dec 15 '10 at 2:40

source share

2 answers

Just FYI - I had to add to_der to the end for my work to work:

 sign = OpenSSL::PKCS7.sign(cert, key, profile, [], OpenSSL::PKCS7::BINARY).to_der

0

chrishale Jun 28 '13 at 23:55

source share

mhorbul · Accepted Answer · 2011-02-17T18:50:51+0000

Below the line of code will sign the iPhone configuration XML profile.

 ssl_key_str = File.read("/path/to/private.key") ssl_key = OpenSSL::PKey::RSA.new(ssl_key_str) ssl_cert_str = File.read("/path/to/certificate.crt") ssl_cert = OpenSSL::X509::Certificate.new(ssl_cert_str) profile = File.read("/path/to/profile.mobileconfig") signed_profile = OpenSSL::PKCS7.sign(ssl_cert, ssl_key, profile, [], OpenSSL::PKCS7::BINARY)

Signing iPhone iPhone configuration profile with Ruby on Rails

More articles: