micromdm: Applying sha256 signed profile gives pkcs7 error

What version of micromdm are you using?

mdmctl version v1.2.0-3-g1f93a51-dirty i.e. the current master

What micromdm command did you run?

mdmctl apply profiles -f path/to/signed.mobileconfig

What did you expect to see?

mobileconfig is used as-is.

What did you see instead?

pkcs7: cannot decrypt data: only RSA, DES, DES-EDE3, AES-256-CBC and AES-128-GCM supported

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 17 (11 by maintainers)

Most upvoted comments

Digging around in https://github.com/fullsailor/pkcs7 the answer is fairly simple. The profile was signed with sha256 and only sha1 is supported. For which the error message is incorrect as it’s unrelated to decryption.

+1
Beanow on Nov 21, 2017
Read more comments on GitHub
← micromatch: Tests failing on Windows
micromdm: Invalid Certificate Signature →