×
What does signing mean?
A profile can be signed to prevent them from being tampered with after creation. Also, when
installing the profiles on a device, it will be marked as "Verified" and install without warning
about profile signatures.
How does this work?
This website uses OpenSSL on the server to sign the created profile using S/MIME. The certificates
used are saved on the server and issued by Let's Encrypt. The exact backend code can be found on
Codeberg.
What happens when the certificate expires?
Let's Encrypt certificates are valid 90 days from the day of issue. When attempting to install a
profile with an expired certificate, iOS/macOS will treat it the same as an unsigned profile. A
profile that is already installed when the certificate expires will stay installed, but change
status from "Verified" to "Unverified".
For further details, please see this issue.