Tue 25 Mar 2014
Signing Mobile Configuration Profiles
Category : Technology/VPNEnabler1dot0dot3.txt
I’ve figured out how to get VPN Enabler
to sign the configuration profiles that it produces.
If the server VPN Enabler is running on has either a valid SSL cert in OS X’s OpenSSL folder, or even a test cert generated by apps like MailServe
, then VPN Enabler will give the user a choice to generate and sign a mobile configuration profile, as shown below, when he is creating or editing a VPN user account :
The mobileconfig profile that is generated here will contain the user’s VPN password, in Base64 format. It’s not human-readable, preventing casual snooping, but Base64 is not encryption. It is easily decipherable by any knowledgeable techie. I’m still looking for a way to encrypt the profile data, but this version is useful enough to be released. It can be downloaded now.
Posted at 3:50AM UTC | permalink