我发现了以下方法来识别(是否安装了 mobile config )，但是到目前为止，我还没有测试.

没有直接的API可以执行此操作.但是有一种解决方法 通过证书信任验证来实现这一目标.

如果我们将带有移动配置的自签名信任CA附加并安装 它在设备上，我们可以检查是否通过以下方式安装了移动配置 检查由证书签名的叶子证书的信任级别 自签名的根ca.也就是说，如果应用中的叶子证书的信任验证失败，则表示未安装或未安装移动配置

步骤:

• 创建一个自签名根CA ，您可以在终端中使用证书助手或 openssl 来完成.

• 创建另一个证书 并使用自签名根CA

对其进行签名

• 将在上一步中创建的签名证书附加到xcode

• 附加自签名根CA 作为移动配置

  的一部分

  • 在IPCU中打开您的移动配置

  • 向下滚动到凭据

  • 按右侧的 Configure

  • 选择自签名根CA (确保其为.cer格式)

  • 立即导出移动配置，然后使用全球受信任的CA 进行签名(例如GoDaddy).如果此步骤完成，则该步骤是可选的，设备将显示移动配置为 verified ，否则在安装移动配置时会显示为 unverified .

---

代码段:

-(BOOL)IsMobileConfigInstalled {

NSString* certPath = [[NSBundle mainBundle] pathForResource:@"LeafCertificate" ofType:@"cer"];

NSData* certData = [NSData dataWithContentsOfFile:certPath];

SecCertificateRef cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef) certData);

SecPolicyRef policy = SecPolicyCreateBasicX509();

SecTrustRef trust;

OSStatus err = SecTrustCreateWithCertificates((__bridge CFArrayRef) [NSArray arrayWithObject:(__bridge id)cert], policy, &trust);

SecTrustResultType trustResult = -1;

err = SecTrustEvaluate(trust, &trustResult);

CFRelease(trust);

CFRelease(policy);

CFRelease(cert);

if(trustResult == kSecTrustResultUnspecified)
    return YES;
else
    return NO;
}

---

参考:

以下是链接，以围绕苹果开发者论坛中的主题

这是指向博客文章的链接. /p>

以下是有关此主题的堆栈溢出讨论的链接 Ref1 ，Installing a configuration profile on iPhone - programmatically) on iPhone Desktop.

How to check whether this config file is installed?

In iPhone Settings->General->provision file,I can find the list.

I came across a the following approach to identify if the mobile config is installed or not,But I have not tested though so far.

There is no direct API available to do this.But there is a workaround to achieve this by the means of certificate trust verification.

If we attach a self-signed trust ca with mobile config and install it on the device we can check if the mobile config is installed by checking the trust level of the leaf certificate that is signed by the self-signed root ca.That is ,If leaf certificate's trust verification is failed in the app means the mobile config is not installed or else installed

Steps:

• Create a Self Signed Root CA you can do it either using Certificate Assistant or openssl in terminal.

• Create another Certificate and get it Signed using the Self Signed Root CA

• Attach the Signed Certificate that is created in previous step to the xcode

• Attach the Self Signed Root CA as a part of the Mobile Config

  • Open your mobile config in the IPCU

  • Scroll down to Credentials

  • Press Configure on the right side

  • Select the Self Signed Root CA (make sure its in .cer format)

  • Export the Mobile Config now and signing it using Globally Trusted CA like GoDaddy.This step is optional if its is done the device will show the mobile config as verified or else it will show as unverified while installing mobile config.

---

Code Snippet:

-(BOOL)IsMobileConfigInstalled {

NSString* certPath = [[NSBundle mainBundle] pathForResource:@"LeafCertificate" ofType:@"cer"];

NSData* certData = [NSData dataWithContentsOfFile:certPath];

SecCertificateRef cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef) certData);

SecPolicyRef policy = SecPolicyCreateBasicX509();

SecTrustRef trust;

OSStatus err = SecTrustCreateWithCertificates((__bridge CFArrayRef) [NSArray arrayWithObject:(__bridge id)cert], policy, &trust);

SecTrustResultType trustResult = -1;

err = SecTrustEvaluate(trust, &trustResult);

CFRelease(trust);

CFRelease(policy);

CFRelease(cert);

if(trustResult == kSecTrustResultUnspecified)
    return YES;
else
    return NO;
}

---

References:

Here is the link to a technical discussion around the topic in apple developer forum

Here is the link to a blog post that takes you step by step.

Here are the links to stack overflow discussions about this topic Ref1, Ref22