Signing Apple Wallet Pass OpenSSL
I'm trying to create a pass signing server to dynamically create Apple Wallet passes using OpenSSL and standard pass templates provided by Apple but I can't seem to get the pass to show up using the following tutorial:
-https://www.raywenderlich.com/2855-beginning-passbook-in-ios-6-part-1-2
Unfortunately, when I try to import the pass into the device simulator I don't seem to get any error messages indicating what the problem is... but I did look at Apple's documentation and I think it may have to do with the signature process since the (outdated) tutorial doesn't mention anything about a PKCS #7 detached signature:
Apple Wallet Documentation
My question is: What do I need to adjust on the tutorial's OpenSSL commands to successfully sign the pass with the proper certificates? I've gone through the documentation on OpenSSL but I'm pretty new to this process so I'm not sure what to make of it. Also, if anyone has decent resources on learning more about certificates/signing/etc I would greatly appreciate the help!
certificate openssl ios code-signing
asked Sep 21 '18 at 17:36
loganbloganb
62
add a comment |
I'm trying to create a pass signing server to dynamically create Apple Wallet passes using OpenSSL and standard pass templates provided by Apple but I can't seem to get the pass to show up using the following tutorial:
-https://www.raywenderlich.com/2855-beginning-passbook-in-ios-6-part-1-2
Unfortunately, when I try to import the pass into the device simulator I don't seem to get any error messages indicating what the problem is... but I did look at Apple's documentation and I think it may have to do with the signature process since the (outdated) tutorial doesn't mention anything about a PKCS #7 detached signature:
Apple Wallet Documentation
My question is: What do I need to adjust on the tutorial's OpenSSL commands to successfully sign the pass with the proper certificates? I've gone through the documentation on OpenSSL but I'm pretty new to this process so I'm not sure what to make of it. Also, if anyone has decent resources on learning more about certificates/signing/etc I would greatly appreciate the help!
certificate openssl ios code-signing
asked Sep 21 '18 at 17:36
loganbloganb
62
add a comment |
I'm trying to create a pass signing server to dynamically create Apple Wallet passes using OpenSSL and standard pass templates provided by Apple but I can't seem to get the pass to show up using the following tutorial:
-https://www.raywenderlich.com/2855-beginning-passbook-in-ios-6-part-1-2
Unfortunately, when I try to import the pass into the device simulator I don't seem to get any error messages indicating what the problem is... but I did look at Apple's documentation and I think it may have to do with the signature process since the (outdated) tutorial doesn't mention anything about a PKCS #7 detached signature:
Apple Wallet Documentation
My question is: What do I need to adjust on the tutorial's OpenSSL commands to successfully sign the pass with the proper certificates? I've gone through the documentation on OpenSSL but I'm pretty new to this process so I'm not sure what to make of it. Also, if anyone has decent resources on learning more about certificates/signing/etc I would greatly appreciate the help!
certificate openssl ios code-signing
asked Sep 21 '18 at 17:36
loganbloganb
62
I'm trying to create a pass signing server to dynamically create Apple Wallet passes using OpenSSL and standard pass templates provided by Apple but I can't seem to get the pass to show up using the following tutorial:
-https://www.raywenderlich.com/2855-beginning-passbook-in-ios-6-part-1-2
Unfortunately, when I try to import the pass into the device simulator I don't seem to get any error messages indicating what the problem is... but I did look at Apple's documentation and I think it may have to do with the signature process since the (outdated) tutorial doesn't mention anything about a PKCS #7 detached signature:
Apple Wallet Documentation
My question is: What do I need to adjust on the tutorial's OpenSSL commands to successfully sign the pass with the proper certificates? I've gone through the documentation on OpenSSL but I'm pretty new to this process so I'm not sure what to make of it. Also, if anyone has decent resources on learning more about certificates/signing/etc I would greatly appreciate the help!
certificate openssl ios code-signing
certificate openssl ios code-signing
asked Sep 21 '18 at 17:36
loganbloganb
62
asked Sep 21 '18 at 17:36
loganbloganb
62
asked Sep 21 '18 at 17:36
loganbloganb
62
asked Sep 21 '18 at 17:36
loganbloganb
62
asked Sep 21 '18 at 17:36
loganbloganb
62
62
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
This is a delayed reply, but I hit a similar thing today, while also using that same guide:
Beginning Passbook in iOS 6: Part 1/2.
It turns out, as old as it is, it still works.
Here is some information which might help:
1) You don't need iOS Simulator to open a .pkpass file (as suggested in Apple docs), you can also open them on a Mac. What's even better, on a Mac you will get an error message when it fails to open, while on iOS Simulator it will just fail silently.
2) These errors can be seen by opening Console.app on your Mac. Trying to open an invalid .pkpass on Mac and iOS Simulator, both had log entries in Console.app, which might give you some more hints. (If there is too much noise from other logs, try filtering by pass in the top right corner.)
3) I eventually figured out my problem was because I modified the example, and was just using an empty password to produce passkey.pem, and openssl was not outputting the key into the passkey.pem file. Note the empty -passout pass: at the end:
openssl pkcs12 -in Certificates.p12 -nocerts -out passkey.pem -passin pass: -passout pass:
This of course was specific to me, and your problem might be different. The signing process is tricky, everything needs to be just right, changing one small character in any of the files throws the whole signature invalid and thus makes the pass not valid. You should be able to get some more clues specific to your setup in the log files in Console.app.
To clarify and answer your question more directly, I don't think you need to adjust anything in the example. Following it verbatim, it still generates a valid .pkpass file. Try to use the methods described above to figure out where you went wrong: i.e. is the certificate invalid, or does the signature not match the data. There should be some clues in the error logs.
answered Jan 21 at 5:03
naartjienaartjie
992
I'm not sure why the downvote. I tried to clarify it more with an edit. Happy to help anyone who hits this problem and isn't able to pinpoint exactly how to get it to work.
– naartjie
Jan 22 at 11:25
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1360307%2fsigning-apple-wallet-pass-openssl%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
This is a delayed reply, but I hit a similar thing today, while also using that same guide:
Beginning Passbook in iOS 6: Part 1/2.
It turns out, as old as it is, it still works.
Here is some information which might help:
1) You don't need iOS Simulator to open a .pkpass file (as suggested in Apple docs), you can also open them on a Mac. What's even better, on a Mac you will get an error message when it fails to open, while on iOS Simulator it will just fail silently.
2) These errors can be seen by opening Console.app on your Mac. Trying to open an invalid .pkpass on Mac and iOS Simulator, both had log entries in Console.app, which might give you some more hints. (If there is too much noise from other logs, try filtering by pass in the top right corner.)
3) I eventually figured out my problem was because I modified the example, and was just using an empty password to produce passkey.pem, and openssl was not outputting the key into the passkey.pem file. Note the empty -passout pass: at the end:
openssl pkcs12 -in Certificates.p12 -nocerts -out passkey.pem -passin pass: -passout pass:
This of course was specific to me, and your problem might be different. The signing process is tricky, everything needs to be just right, changing one small character in any of the files throws the whole signature invalid and thus makes the pass not valid. You should be able to get some more clues specific to your setup in the log files in Console.app.
To clarify and answer your question more directly, I don't think you need to adjust anything in the example. Following it verbatim, it still generates a valid .pkpass file. Try to use the methods described above to figure out where you went wrong: i.e. is the certificate invalid, or does the signature not match the data. There should be some clues in the error logs.
answered Jan 21 at 5:03
naartjienaartjie
992
I'm not sure why the downvote. I tried to clarify it more with an edit. Happy to help anyone who hits this problem and isn't able to pinpoint exactly how to get it to work.
– naartjie
Jan 22 at 11:25
add a comment |
This is a delayed reply, but I hit a similar thing today, while also using that same guide:
Beginning Passbook in iOS 6: Part 1/2.
It turns out, as old as it is, it still works.
Here is some information which might help:
1) You don't need iOS Simulator to open a .pkpass file (as suggested in Apple docs), you can also open them on a Mac. What's even better, on a Mac you will get an error message when it fails to open, while on iOS Simulator it will just fail silently.
2) These errors can be seen by opening Console.app on your Mac. Trying to open an invalid .pkpass on Mac and iOS Simulator, both had log entries in Console.app, which might give you some more hints. (If there is too much noise from other logs, try filtering by pass in the top right corner.)
3) I eventually figured out my problem was because I modified the example, and was just using an empty password to produce passkey.pem, and openssl was not outputting the key into the passkey.pem file. Note the empty -passout pass: at the end:
openssl pkcs12 -in Certificates.p12 -nocerts -out passkey.pem -passin pass: -passout pass:
This of course was specific to me, and your problem might be different. The signing process is tricky, everything needs to be just right, changing one small character in any of the files throws the whole signature invalid and thus makes the pass not valid. You should be able to get some more clues specific to your setup in the log files in Console.app.
To clarify and answer your question more directly, I don't think you need to adjust anything in the example. Following it verbatim, it still generates a valid .pkpass file. Try to use the methods described above to figure out where you went wrong: i.e. is the certificate invalid, or does the signature not match the data. There should be some clues in the error logs.
answered Jan 21 at 5:03
naartjienaartjie
992
I'm not sure why the downvote. I tried to clarify it more with an edit. Happy to help anyone who hits this problem and isn't able to pinpoint exactly how to get it to work.
– naartjie
Jan 22 at 11:25
add a comment |
This is a delayed reply, but I hit a similar thing today, while also using that same guide:
Beginning Passbook in iOS 6: Part 1/2.
It turns out, as old as it is, it still works.
Here is some information which might help:
1) You don't need iOS Simulator to open a .pkpass file (as suggested in Apple docs), you can also open them on a Mac. What's even better, on a Mac you will get an error message when it fails to open, while on iOS Simulator it will just fail silently.
2) These errors can be seen by opening Console.app on your Mac. Trying to open an invalid .pkpass on Mac and iOS Simulator, both had log entries in Console.app, which might give you some more hints. (If there is too much noise from other logs, try filtering by pass in the top right corner.)
3) I eventually figured out my problem was because I modified the example, and was just using an empty password to produce passkey.pem, and openssl was not outputting the key into the passkey.pem file. Note the empty -passout pass: at the end:
openssl pkcs12 -in Certificates.p12 -nocerts -out passkey.pem -passin pass: -passout pass:
This of course was specific to me, and your problem might be different. The signing process is tricky, everything needs to be just right, changing one small character in any of the files throws the whole signature invalid and thus makes the pass not valid. You should be able to get some more clues specific to your setup in the log files in Console.app.
To clarify and answer your question more directly, I don't think you need to adjust anything in the example. Following it verbatim, it still generates a valid .pkpass file. Try to use the methods described above to figure out where you went wrong: i.e. is the certificate invalid, or does the signature not match the data. There should be some clues in the error logs.
answered Jan 21 at 5:03
naartjienaartjie
992
This is a delayed reply, but I hit a similar thing today, while also using that same guide:
Beginning Passbook in iOS 6: Part 1/2.
It turns out, as old as it is, it still works.
Here is some information which might help:
1) You don't need iOS Simulator to open a .pkpass file (as suggested in Apple docs), you can also open them on a Mac. What's even better, on a Mac you will get an error message when it fails to open, while on iOS Simulator it will just fail silently.
2) These errors can be seen by opening Console.app on your Mac. Trying to open an invalid .pkpass on Mac and iOS Simulator, both had log entries in Console.app, which might give you some more hints. (If there is too much noise from other logs, try filtering by pass in the top right corner.)
3) I eventually figured out my problem was because I modified the example, and was just using an empty password to produce passkey.pem, and openssl was not outputting the key into the passkey.pem file. Note the empty -passout pass: at the end:
openssl pkcs12 -in Certificates.p12 -nocerts -out passkey.pem -passin pass: -passout pass:
This of course was specific to me, and your problem might be different. The signing process is tricky, everything needs to be just right, changing one small character in any of the files throws the whole signature invalid and thus makes the pass not valid. You should be able to get some more clues specific to your setup in the log files in Console.app.
To clarify and answer your question more directly, I don't think you need to adjust anything in the example. Following it verbatim, it still generates a valid .pkpass file. Try to use the methods described above to figure out where you went wrong: i.e. is the certificate invalid, or does the signature not match the data. There should be some clues in the error logs.
answered Jan 21 at 5:03
naartjienaartjie
992
edited Jan 22 at 11:23
answered Jan 21 at 5:03
naartjienaartjie
992
answered Jan 21 at 5:03
naartjienaartjie
992
answered Jan 21 at 5:03
naartjienaartjie
992
992
I'm not sure why the downvote. I tried to clarify it more with an edit. Happy to help anyone who hits this problem and isn't able to pinpoint exactly how to get it to work.
– naartjie
Jan 22 at 11:25
add a comment |
I'm not sure why the downvote. I tried to clarify it more with an edit. Happy to help anyone who hits this problem and isn't able to pinpoint exactly how to get it to work.
– naartjie
Jan 22 at 11:25
I'm not sure why the downvote. I tried to clarify it more with an edit. Happy to help anyone who hits this problem and isn't able to pinpoint exactly how to get it to work.
– naartjie
Jan 22 at 11:25
I'm not sure why the downvote. I tried to clarify it more with an edit. Happy to help anyone who hits this problem and isn't able to pinpoint exactly how to get it to work.
– naartjie
Jan 22 at 11:25
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1360307%2fsigning-apple-wallet-pass-openssl%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
