I need to get the expiration date of our corporate iOS certificate used in ipa embedded.mobileprovision file using the command line.
I still have this:
security cms -D -i Payload/*.app/embedded.mobileprovision > tmp.plist && /usr/libexec/PlistBuddy -c 'Print :DeveloperCertificates' tmp.plist | base64 -d - | openssl x509 -inform DER -noout -text
Answer:
Apr 22 12:28:47 c01892 base64[14721] <Info>: Read 510 bytes. Apr 22 12:28:47 c01892 base64[14721] <Info>: Wrote 680 bytes. Apr 22 12:28:47 c01892 base64[14721] <Info>: Read 510 bytes. Apr 22 12:28:47 c01892 base64[14721] <Info>: Wrote 680 bytes. Apr 22 12:28:47 c01892 base64[14721] <Info>: Read 440 bytes. Apr 22 12:28:47 c01892 base64[14721] <Info>: Wrote 588 bytes. unable to load certificate 14722:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:/SourceCache/OpenSSL098/ OpenSSL098-52.20.2/src/crypto/asn1/tasn_dec.c:1323: 14722:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:/SourceCache/ OpenSSL098/OpenSSL098-52.20.2/src/crypto/asn1/tasn_dec.c:379:Type=X509
The openssl command works fine in our certificate file:
openssl x509 -inform DER -noout -text -in "iPhone Distribution: XXXX.cer"
So, what I am missing is you will receive a certificate from the built-in .mobileprovision, decode it and save it to a file or transfer it through the channels.
If I split sommand up, we get the following:
a. Get the certificate from the built-in .mobileprovision:
security cms -D -i Payload/*.app/embedded.mobileprovision > tmp.plist && /usr/libexec/PlistBuddy -c 'Print :DeveloperCertificates' tmp.plist > encodedcert.b64
b. Decode the resulting base64 to a .cer file:
base64 -d encodedcert.b64 certificate.cer
with. Read it with openssl:
openssl x509 -inform DER -noout -text -in certificate.cer
Unfortunately, the generated certificate.cer file by my base64 team has a length of 0 bytes ...
Who can help me further?
source share