Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is it possible to revoke access if the configuration profile leaks? #5

Open
phi161 opened this issue Feb 7, 2023 · 1 comment
Open

Is it possible to revoke access if the configuration profile leaks? #5

phi161 opened this issue Feb 7, 2023 · 1 comment

Comments

@phi161
Copy link

phi161 commented Feb 7, 2023

I understand that it's possible to have certificates expire on a certain date, but would it be possible to somehow revoke access immediately? Or will this always require a new app build (replacing the binary's certificate)?

(also thanks for the great blog post and this tool, it's been very helpful!)
@Sherlouk
Copy link
Contributor

Sorry @phi161, it turns out I was not subscribed to this repo and so missed your issue.

It is not currently possible to revoke a profile beyond the expiration date. You can regenerate the profile and certificate pair, but as you said this would require an app release and still leaves the previous versions "vulnerable".

Of course within the scope of your own project, you may be able to implement your own solution though - for example a remote configuration file which lists which profiles are valid (allowing you to remotely revoke them).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@phi161 @Sherlouk