All geek questions in one place

Check if mobileconfig profile is installed on iOS

Install the mobileconfig file via ( Installing a configuration profile on iPhone — software ) on iPhone Desktop.

How to check if this configuration file is installed?

In iPhone Settings->General->provision file I can find a list.

+6
source share
1 answer

I came across the following approach to determine if a mobile configuration is installed or not, but I have not tested it yet.

There is no direct API for this. But there is a workaround to achieve this by verifying certificate trust.

If we attach the self-signed trust ca to the mobile configuration and install on the device, we can check whether the mobile configuration is installed, check the trust level of the leaf certificate signed by self-signed root ca. That is, If the trust check in the sheet certificate failed in the application, means the mobile configuration is not installed or installed

Steps:

  • Create a self-signed root CA, you can do this either using Certificate Assistant or using openssl in the terminal.

  • Create another certificate and sign up with a self-signed root CA

  • Attach the signed certificate created in the previous step to xcode

  • Attach a self-signed root CA as part of Mobile Config

    • Open your mobile configuration in IPCU

    • Scroll down to credentials

    • Click Configure on the right side.

    • Select Self Signed Root CA (make sure it is in .cer format)

      iPCU

    • Export Mobile Config now and sign it using a globally trusted CA such as GoDaddy. This step is optional, if it is done, the device will show the configuration of the mobile phone as verified, otherwise it will appear as unverified when installing the mobile configuration.

Code snippet:

 -(BOOL)IsMobileConfigInstalled { NSString* certPath = [[NSBundle mainBundle] pathForResource:@"LeafCertificate" ofType:@"cer"]; NSData* certData = [NSData dataWithContentsOfFile:certPath]; SecCertificateRef cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef) certData); SecPolicyRef policy = SecPolicyCreateBasicX509(); SecTrustRef trust; OSStatus err = SecTrustCreateWithCertificates((__bridge CFArrayRef) [NSArray arrayWithObject:(__bridge id)cert], policy, &trust); SecTrustResultType trustResult = -1; err = SecTrustEvaluate(trust, &trustResult); CFRelease(trust); CFRelease(policy); CFRelease(cert); if(trustResult == kSecTrustResultUnspecified) return YES; else return NO; }

Literature:

Here is a link to a technical discussion on a topic on the Apple Developers Forum.

Here is the link to the blog post that takes you step by step.

Here are links to discussions on this section Ref1 , Ref22

+6
source

Source: https://habr.com/ru/post/979970/

More articles:


All Articles