-
-
Save mbinna/68d5218ff82b2e4b2745 to your computer and use it in GitHub Desktop.
Signing Configuration Profiles with OpenSSL In Pure Ruby
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
require 'openssl' | |
# Global defines. | |
private_key_file = 'key.pem' | |
signing_cert_file = 'cert.pem' | |
intermediate_cert_files = %w(intermediate_cert1.pem intermediate_cert2.pem) | |
configuration_profile_file = 'profile.mobileconfig' | |
# Paths. | |
directory_path = File.expand_path(File.dirname(__FILE__)) | |
private_key_path = File.join(directory_path, private_key_file) | |
signing_cert_path = File.join(directory_path, signing_cert_file) | |
intermediate_cert_paths = intermediate_cert_files.map do |intermediate_cert_file| | |
File.join(directory_path, intermediate_cert_file) | |
end | |
configuration_profile_path = File.join(directory_path, | |
configuration_profile_file) | |
# Read private key. | |
private_key_data = File.read(private_key_path) | |
private_key = OpenSSL::PKey::RSA.new(private_key_data) | |
# Read signing certificate. | |
signing_cert_data = File.read(signing_cert_path) | |
signing_cert = OpenSSL::X509::Certificate.new(signing_cert_data) | |
# Read intermediate certificates. | |
intermediate_certs = intermediate_cert_paths.map do |intermediate_cert_path| | |
intermediate_cert_data = File.read(intermediate_cert_path) | |
OpenSSL::X509::Certificate.new(intermediate_cert_data) | |
end | |
# Read configuration profile. | |
configuration_profile_data = File.read(configuration_profile_path) | |
# Sign the configuration profile. | |
signing_flags = OpenSSL::PKCS7::BINARY | |
signature = OpenSSL::PKCS7.sign(signing_cert, private_key, | |
configuration_profile_data, intermediate_certs, | |
signing_flags) | |
signed_config_profile_file = 'profile-signed.mobileconfig' | |
signed_config_profile_path = File.join(directory_path, | |
signed_config_profile_file) | |
File.write(signed_config_profile_path, signature.to_der) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment