Mac@Work : The Ultimate Business Machine

The
Ultimate
Business Machine

Technology, business
and innovation.

And, not least, about
the Mac.

Weblog • Archive • Cutedge

by: Bernard Teo

Tue 25 Mar 2014

Signing Mobile Configuration Profiles

Category : Technology/VPNEnabler1dot0dot3.txt

I’ve figured out how to get VPN Enabler to sign the configuration profiles that it produces.

If the server VPN Enabler is running on has either a valid SSL cert in OS X’s OpenSSL folder, or even a test cert generated by apps like MailServe or WebMon, then VPN Enabler will give the user a choice to generate and sign a mobile configuration profile, as shown below, when he is creating or editing a VPN user account :

The mobileconfig profile that is generated here will contain the user’s VPN password, in Base64 format. It’s not human-readable, preventing casual snooping, but Base64 is not encryption. It is easily decipherable by any knowledgeable techie. I’m still looking for a way to encrypt the profile data, but this version is useful enough to be released. It can be downloaded now.

Posted at 3:50AM UTC | permalink

Mac@Work
Put your Mac to Work

•	Sivasothi.com? Now how would you do something like that?
•	Weblogs. Download and start a weblog of your own.
•	A Mac Business Toolbox A survey of the possibilities
•	A Business Scenario How we could use Macs in businesses
•	VPN Enabler for Mavericks
•	MailServe for Mavericks
•	DNS Enabler for Mavericks
•	DNS Agent for Mavericks
•	WebMon for Mavericks
•	Luca for Mavericks
•	Liya for Mountain Lion & Mavericks
•	Postfix Enabler for Tiger and Panther
•	Sendmail Enabler for Jaguar

Services running on this server, a Mac Mini running Mac OS X 10.9.2 Mavericks:

Apache 2 Web Server
Postfix Mail Server
Dovecot IMAP Server
Fetchmail
SpamBayes Spam Filter
Procmail
BIND DNS Server
DNS Agent
WebDAV Server
VPN Server
PHP-based weblog
MySQL database
PostgreSQL database

all set up using MailServe, WebMon, DNS Enabler, DNS Agent, VPN Enabler, Liya and our SQL installers, all on Mavericks.