Y
Hacker News
new
|
ask
|
show
|
jobs
by
jordache
2696 days ago
what if device is not connected to internet or that you have the apple certificate check IPs blocked in your corporate proxy?
1 comments
saagarjha
2696 days ago
As of iOS 8.1, enterprise-signed apps will refuse to launch if the device has not recently checked in with Apple to grab the latest revocation list.
link
shinymark
2696 days ago
Got it, that was the main missing link that I was looking for. Devices are frequently phoning home to get an updated certificate revocation list.
link
jordache
2695 days ago
how easy is it ti mock this list? Say you map that apple endpoint within your local network to mocked revocation list? I assume it's probably hashed?
link
saagarjha
2695 days ago
It’s probably signed by Apple or something like that.
link