Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Cannot generate Apple Passbook signature

I am writing a shell script to automatically generate an Apple Passbook signature file from manifest.json using p12 certificate. Here is what I do:

openssl pkcs12 -passin pass:"mypass" -in "mycert.p12" -clcerts -nokeys -out certificate.pem
openssl pkcs12 -passin pass:"mypass" -in "mycert.p12" -nocerts -out key.pem
openssl smime  -passin pass:"mypass" -binary -sign -signer certificate.pem -inkey key.pem -in manifest.json -out signature -outform DER

The first two functions work fine. At least both certificate.pem and key.pem are created. The signature file is also created, but for some reason it is empty (0 bytes), although manifest.json is not empty, as well as certificate and key. How can this happen, and how can I fix it?

like image 332
Tofig Hasanov Avatar asked Sep 29 '12 04:09

Tofig Hasanov


1 Answers

I have solved this problem. Apparently, I also need WWDR.pem certificate to do this. This is how it worked:

openssl pkcs12 -passin pass:"somepass" -in "mycert.p12" -clcerts -nokeys -out certificate.pem
openssl pkcs12 -passin pass:"somepass" -in "mycert.p12" -nocerts -out key.pem -passout pass:"somepass"
openssl smime -binary -sign -certfile WWDR.pem -signer certificate.pem -inkey key.pem -in manifest.json -out signature -outform DER -passin pass:"somepass"
like image 195
Tofig Hasanov Avatar answered Oct 26 '22 17:10

Tofig Hasanov