I am writing a shell script to automatically generate an Apple Passbook signature file from manifest.json using p12 certificate. Here is what I do:
openssl pkcs12 -passin pass:"mypass" -in "mycert.p12" -clcerts -nokeys -out certificate.pem
openssl pkcs12 -passin pass:"mypass" -in "mycert.p12" -nocerts -out key.pem
openssl smime -passin pass:"mypass" -binary -sign -signer certificate.pem -inkey key.pem -in manifest.json -out signature -outform DER
The first two functions work fine. At least both certificate.pem and key.pem are created. The signature file is also created, but for some reason it is empty (0 bytes), although manifest.json is not empty, as well as certificate and key. How can this happen, and how can I fix it?
I have solved this problem. Apparently, I also need WWDR.pem certificate to do this. This is how it worked:
openssl pkcs12 -passin pass:"somepass" -in "mycert.p12" -clcerts -nokeys -out certificate.pem
openssl pkcs12 -passin pass:"somepass" -in "mycert.p12" -nocerts -out key.pem -passout pass:"somepass"
openssl smime -binary -sign -certfile WWDR.pem -signer certificate.pem -inkey key.pem -in manifest.json -out signature -outform DER -passin pass:"somepass"
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With