Skip to content

Instantly share code, notes, and snippets.

@neonichu

neonichu/dev-cert.sh

Created Mar 21, 2012
Embed
What would you like to do?
Extract the subject of the signing certificate of a .mobileprovision file
#!/bin/sh
# Extract the subject of the signing certificate of a .mobileprovision file
if [ -z "$1" ]
then
echo "Usage: $0 [mobileprovision-file]"
exit 1
fi
end=`grep -n --binary-files=text '</plist>' "$1"|cut -d: -f-1`
sed -n "2,${end}p" "$1"|xpath '//data' 2>/dev/null|sed -e '1d' -e '$d'|base64 -D| \
openssl x509 -subject -inform der|head -n 1
@chaitanyagupta

This comment has been minimized.

Copy link

@chaitanyagupta chaitanyagupta commented Mar 21, 2012

You can also use PlistBuddy to read the cert data from the provisioning file plist:

PlistBuddy -c 'Print DeveloperCertificates:0' /path/to/provisioning_file_plist
@sumchattering

This comment has been minimized.

Copy link

@sumchattering sumchattering commented Sep 20, 2012

security cms -D -i path_to_mobileprovision > tmp.plist && /usr/libexec/PlistBuddy -c 'Print :Entitlements:application-identifier' tmp.plist

@yonivav

This comment has been minimized.

Copy link

@yonivav yonivav commented Jul 13, 2016

Ok, i got "notAfter=Jul 9 06:53:40 2017 GMT".
Is that looks like a normal output ?! what is it ?

@janpio

This comment has been minimized.

Copy link

@janpio janpio commented Sep 1, 2018

You can extract the plist cleanly using openssl nowadays:

openssl smime -inform der -verify -noverify -in file.mobileprovision

https://stackoverflow.com/a/14379814/252627

Can be useful if you are trying to work with the file and data on Windows for example where all the others things are a lot harder to use or don't exist.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment