Skip to content

Instantly share code, notes, and snippets.

@neonichu neonichu/dev-cert.sh
Created Mar 21, 2012

Embed
What would you like to do?
Extract the subject of the signing certificate of a .mobileprovision file
#!/bin/sh
# Extract the subject of the signing certificate of a .mobileprovision file
if [ -z "$1" ]
then
echo "Usage: $0 [mobileprovision-file]"
exit 1
fi
end=`grep -n --binary-files=text '</plist>' "$1"|cut -d: -f-1`
sed -n "2,${end}p" "$1"|xpath '//data' 2>/dev/null|sed -e '1d' -e '$d'|base64 -D| \
openssl x509 -subject -inform der|head -n 1
@chaitanyagupta

This comment has been minimized.

Copy link

chaitanyagupta commented Mar 21, 2012

You can also use PlistBuddy to read the cert data from the provisioning file plist:

PlistBuddy -c 'Print DeveloperCertificates:0' /path/to/provisioning_file_plist
@sumchattering

This comment has been minimized.

Copy link

sumchattering commented Sep 20, 2012

security cms -D -i path_to_mobileprovision > tmp.plist && /usr/libexec/PlistBuddy -c 'Print :Entitlements:application-identifier' tmp.plist

@yonivav

This comment has been minimized.

Copy link

yonivav commented Jul 13, 2016

Ok, i got "notAfter=Jul 9 06:53:40 2017 GMT".
Is that looks like a normal output ?! what is it ?

@janpio

This comment has been minimized.

Copy link

janpio commented Sep 1, 2018

You can extract the plist cleanly using openssl nowadays:

openssl smime -inform der -verify -noverify -in file.mobileprovision

https://stackoverflow.com/a/14379814/252627

Can be useful if you are trying to work with the file and data on Windows for example where all the others things are a lot harder to use or don't exist.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.