15

The app I am currently working on requires the use of Configuration Profiles in order to connect to a server to download XML. The certificates are distributed in the form of .p12 files, and they can be installed in the settings app in the iPhone like the bottom-left image.

The problem is that all over the internet people are saying that this is impossible.

HOWEVER, Junos Pulse can do this(bottom-right image).

It is only reading the Configuration Profiles which is exactly what I need.

ProfilesJunos Pulse

I did not have to install them into the Junos Pulse app. Adding them to the system, and launching the app is enough for my profiles to be recognized.

Thanks for your help :)

Luca Torella
  • 7,974
  • 4
  • 38
  • 48
David Skrundz
  • 13,067
  • 6
  • 42
  • 66
  • 2
    i just completed a few days of research on this, and i can tell you with certainty that it is still impossible. i'd be surprised if you find an adequate alternative. – TommyG Apr 27 '12 at 04:46
  • Any ideas on how Junos Pulse does this? – David Skrundz Apr 27 '12 at 04:47
  • I did not see this solution, but where do you see that it supports iOS? – TommyG Apr 27 '12 at 04:50
  • The Junos Pulse App has full access to the profiles. It allows the user to pick a profile for the connection, and it doesn't require a password since the user has already given it to register the profile. – David Skrundz Apr 27 '12 at 04:52
  • Yes. I didn't believe it either, but I downloaded it on my iPhone, and I pulled both of my 'target' certificates and was able to connect to the server without any prior setup on my part. – David Skrundz Apr 27 '12 at 04:58
  • so what are you asking here then? :) – TommyG Apr 27 '12 at 05:02
  • and where did you download it from if i can ask? – TommyG Apr 27 '12 at 05:03
  • I'm looking for the method that Junos Pulse uses to get the list of profiles. I need to get the list, let the user pick one(if there are multiple), then use it. – David Skrundz Apr 27 '12 at 05:13
  • 'Junos Pulse' in the app store, or http://itunes.apple.com/ca/app/junos-pulse/id381348546?mt=8 – David Skrundz Apr 27 '12 at 05:17
  • @NSArray - I'm also looking similar to your problem statement of reading the configuration profile. Did you find a solution? – shatthi Mar 13 '13 at 10:12
  • @shatthi - I contacted apple a while ago to inquire about getting the permissions required to access the certificates, and they said that they will not grant me such permission because of what my app was being used for. However, if the app is used within a company they may consider allowing it as long as it is not distributed externally. (There are many conditions which they take into consideration) – David Skrundz Mar 13 '13 at 17:21

3 Answers3

8

The reason the Junos app is able to do this has been explained in a post in the Apple Developer Forums.

Original Question: https://devforums.apple.com/message/660579#660579

Explanation about Junos app: https://devforums.apple.com/message/351326#351326

To sum it up, access to this is not provided in the SDK and is by invitation from Apple only.

Christine
  • 302
  • 4
  • 10
4

You won't. Your application is sandboxed, read the iOS App Programming Guide. Developer profiles are not public information for applications to access.

WrightsCS
  • 50,551
  • 22
  • 134
  • 186
3

I am not sure what you are trying to accomplish, but the iOS Keychain services allows you to store and retrieve certificates and keys in a (supposedly) secure way. I have not used the API for other than storing passwords, so I cannot say how it works with certificates, but according to the docs it might work for you.

In particular, have a look at the SecItemCopyMatching function.

ahsteele
  • 26,243
  • 28
  • 134
  • 248
Krumelur
  • 31,081
  • 7
  • 77
  • 119