I have a profile on my iPhone that is no longer available elsewhere. However, I would like to install this profile on my iPad. Is there any way to export these certificates? I tried grabbing the TrustCore.sqlite3 file form my iPhone and putting it on my iPad, replacing the one that was there previously, but that did not work after rebooting my iPad. I also tried using the iPhone Configuration Utility but it doesn't allow me to export individual certificates. Does anyone have any idea how I would go about doing this?
AFAIK, you can't exact configuration profile from a device. I have also tried with jailbroken phone, but could not find quick solution. I think its security provided by Apple. Otherwise, anyone can retrive installed configuration profile and modify it and re-install it.
Answer given by #obuseme is for provisioning profile. You can get them as mentioned by him. Configuration profiles are different than provisioning profile.
Yes you can.
This can be done for companies that need to extract configuration profiles so that they can deploy it to other devices within the network.
In most cases you would deploy using a tool like jamf.
To gather the configuration profile you can use AppleConfigurator2 or iMazing.
Personally I would use iMazing as AppleConfigurator2 is now old and would suggest using something that might be a little easer for the end user to extract the configuration profile.
I hove done a demo screenshot for you so that you can see it working for my Tennent that I will be deploying the profile out to all users in my workplace.
https://imazing.com/guides/how-to-manage-configuration-profiles
Related
The app I am currently working on requires the use of Configuration Profiles in order to connect to a server to download XML. The certificates are distributed in the form of .p12 files, and they can be installed in the settings app in the iPhone like the bottom-left image.
The problem is that all over the internet people are saying that this is impossible.
HOWEVER, Junos Pulse can do this(bottom-right image).
It is only reading the Configuration Profiles which is exactly what I need.
I did not have to install them into the Junos Pulse app. Adding them to the system, and launching the app is enough for my profiles to be recognized.
Thanks for your help :)
The reason the Junos app is able to do this has been explained in a post in the Apple Developer Forums.
Original Question: https://devforums.apple.com/message/660579#660579
Explanation about Junos app: https://devforums.apple.com/message/351326#351326
To sum it up, access to this is not provided in the SDK and is by invitation from Apple only.
You won't. Your application is sandboxed, read the iOS App Programming Guide. Developer profiles are not public information for applications to access.
I am not sure what you are trying to accomplish, but the iOS Keychain services allows you to store and retrieve certificates and keys in a (supposedly) secure way. I have not used the API for other than storing passwords, so I cannot say how it works with certificates, but according to the docs it might work for you.
In particular, have a look at the SecItemCopyMatching function.
Can Apple's iPhone Configuration Utility be used to configure my own application? I have created an app with a number of different settings, and I would like the option of having someone in a corporate setting having the option of configuring the settings via a configuration profile like what Apple provides for their own apps using iPhone Configuration Utility. What are my options here? Thanks for the help,
Unfortunately no, you can't use the current version of the iPhone Configuration Utility (3.2) to configure anything but the predefined configuration settings built into the OS (things like VPN, WiFi, ActiveSync ect...)
You could have your application call into a central server (when it is run) and punch its own settings. However this won't include things like enabling GPS location tracking or push notifications, since the user gets the final say on these settings (when they are prompted).
If you mean the settings app on the home screen, it's easy. All you need is a plist:
Here's the documentation for implementing it. It looks like a lot of work, but it's really not. They just have a lot of that marketing style text that they love to put around the documentation:
http://developer.apple.com/library/ios/#documentation/iphone/conceptual/iphoneosprogrammingguide/Preferences/Preferences.html
You have to store your settings on your own server and let your app interpret them. iPCU is only for configuring iPhone built-in apps.
If you do need configure them in an easy way, checkout the app, iPCU on AppStore. Pre-config settings such as email, vpn, calendars... and send them to your fellow co-workers via an Email. After installing the profile, their iOS devices are ready for the enterprises use right away.
iTunes:
http://itunes.apple.com/us/app/ipcu/id513585146?mt=8
I have a little app that I want (potentially) a lot of my clients to test and give feedback on before launch, do I really need to setup a massive list of UUID's in the provisioning profile and build against that certificate, email them the .APP file and the certificate?
I was hoping for a, perhaps, private app store? But I cannot seem to find much on this topic
Any advice or help is greatly appreciated here :)
Cheers,
Mark
It seems that even with the Enterprise option, you'll still need to distribute a provisioning profile:
http://manuals.info.apple.com/en_US/Enterprise_Deployment_Guide.pdf (particularly Chapter 5)
However, it looks like you won't need to add each device to this provisioning profile if it's an Enterprise profile, but the users themselves (or the IT support staff) would have to add the provisioning profile to each machine with iTunes.
Without Enterprise profile, unfortunately the answer is YES. And with enterprise profile, the scenario is already explained in previous answer.
If they all have iPhone SDK installed in their Mac, and if your app doesn't require device-specific features (camera, accelerometer...) then you can just zip your app folder in your iPhone simulator's Application Support folder and send it to all your clients.
It works great for a number of my clients, especially to validate the user interface.
I have looked around here to see if somebody has asked this question before but nobody really has the same situation so i would like to now how to do the following:
At home i have an iMac on which i do my iPhone development. I can deploy the application on my own iPhone without any problem.
At work i have a colleague who owns a Macbook Pro and i would like to use my certificate to deploy the application on his iPhone.
The tricky part is that we (of course) have different accounts on the computers and i don't want to create an account on his Macbook Pro just for this.
I have read in several places that you can export the certificate (in my case from my iMac) and import it onto his computer, a detailed description can be found here: http://www.theevilboss.com/2009/06/iphone-sdk-development-on-multiple.html) but does this scenario also work for different accounts?
If not, how can i do this?
A second question (and which might also solve my first question), does every member on the development team need to have a personal account for the Provisioning portal? And thus pay the development fee?, i have a company registration and i can register 100 devices but when i want to add a person using the Member center i get the feeling that this person needs to register himself first and pay the development fee)
The quickest smartes and easiest solution.
Saved me hours of searching and implemnting different tactics and techniques
iphone sdk development on multiple mac machines
Two ways to do this:
First: add your buddy to your 'team' in the iphone developer portal. he then will have to generate his own certificates. There is no additional charge for this. This makes sense if you want to give him source code and let him use Xcode to work with / debug the app. If you don't want to give him source code, do the second choice.
Second: if he doesn't need to debug and use Xcode, just add his phone UUID to your 'Devices' in the portal, generate an Ad Hoc Distribution Certificate and then make an Ad Hoc build for anything you want to give him to test/try out. He then just uses itunes to copy the ad hoc certificate and the app to his phone. There are instructions in the portal for making the ad hoc builds.
I'm attempting to do an ad-hoc distribution of my (first) iPhone App to a small group of volunteer testers. I've looked through Apple's documentation, as well as a number of blog posts, but am still having trouble. I have a couple questions about things that aren't clear (to me, at least):
When creating Development and/or Distribution certificate requests, for Common Name, should I use my name or my company's name? I registered for the iPhone Developer program as a company, and the portal shows this company name, but also my own name as "Agent".
Also, Apple's documentation (the "Publishing Applications for Testing" chapter of the Developer's Guide) contains a diagram showing the Tester Provisioning Profile as containing info about the Tester Device, the Test App ID, and the Development Certificate. When I try to create the Tester (Ad-hoc) Provisioning Profile on the portal, it selects the Distribution Certificate, not the Development Certificate. Is this right? It seems to make sense, but doesn't match the diagram.
Any other advice on ad-hoc provisioning would also be appreciated, particularly how to gather information for troubleshooting. My testers have reported getting an "application was not installed because an unknown error occurred (0xE8008016)" message, which doesn't tell me anything about what I may have done wrong.
Thanks,
Andrew
Well, I seem to have it working -- sorry for the long delay in following up. Here's the best resource on this that I've found: http://www.bigspaceship.com/blog/labs/iphone-101-understanding-distribution-pt-i-of-ii/ although even it doesn't get quite all the details right, and it seem that Apple changes the iPhone Program portal often, so maybe no resource will ever be fully up-to-date. Your mileage may vary.
To answer the questions I posed (and reply to some of the questions raised in other answers): For the Developer Certificate, I used my own name. For the distribution certificate, I used the name of the Company. Yes, the dist.plist bust exist and the get-task-allow property is false.
Finally, one more gotcha: the AppID/Bundle identifier should be all-lowercase.
I posted a sample packaging script that i use for automating ad hoc distribution builds, maybe this is useful?
http://iphonedev.makerlab.org/2009/12/packaging-script-for-iphone-ad-hoc-distribution-builds/
I used my own name for Common Name, however, I'm not sure this really matters. I did name my dist. provisioning profile with my company name, though.
Ad-Hoc is considered distribution, so the distribution certificate is the correct one.
Did you create an Entitlements.plist file for your ad-hoc?
Are you getting any signing errors when you build your ad-hoc?
Does the ad-hoc build you created install properly for you? That's the easiest way to gather information-try it yourself, following the directions you're giving your users.
I had problems with Windows users not being able to install my app because Windows couldn't properly decode the compressed folder I created on my Mac. I eventually resorted to a Run Script build phase in XCode that created a .ipa file which worked properly for drag-and-drop for Windows and Mac iTunes.
In your entitlements.plist file you have to uncheck the get-task-allow bool to give it a false value. This is only for AdHoc distribution.
I learned this the hard way when I went through a build cycle thinking I had saved and checked in the right entitlements.plist with get-task-allow unchecked.