Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
technical:pp-apple [2025/06/26 20:12] mathistechnical:pp-apple [2025/07/23 08:02] (current) mathis
Line 20: Line 20:
 Press the profile installed and then you will see a "install profile" window where you can press on "install". The profile is not verified (due to Apple its stringe requirements to get something verified). One must not worry, the profiles config files are signed using OpenSSL to ensure authentication and data integrity.  Press the profile installed and then you will see a "install profile" window where you can press on "install". The profile is not verified (due to Apple its stringe requirements to get something verified). One must not worry, the profiles config files are signed using OpenSSL to ensure authentication and data integrity. 
  
-{{:technical:img_0118.png?400 |}}+{{ :technical:img_0118.png?400 |}} 
 + 
  
  
 Finally, when pressing install you must enter your passcode and press "install" again. Finally, when pressing install you must enter your passcode and press "install" again.
 +
  
 {{ :technical:img_0119.png?400 |}} {{ :technical:img_0119.png?400 |}}
 +
 +
 +==== A clarification on the contents of the passpoint profile ====
 +Here you can see the contents of the passpoint profile. The archaic letters preceding and succeeding the XML are a signature to make the profile signed. Furthermore, when looking at the content of the XML there a few noteworthy apple specific items:
 +  * HIDDEN_NETWORK -- Whether to broadcast the SSID or not, devices must know the SSID to connect to it. (type: Boolean)
 +  * Autojoin -- if true the user can join without tapping it everytime. (type: Boolean)
 +  * Encryptiontype -- The type of encryption one wants to use. (type: String) (options: WEP, WPA, WPA2, Any, and None)
 +  * isHotSpot -- the network is treated as a hotspot if true. (type: Boolean)
 +  * DomainName -- Identifies the service provider's domain. This is used by the client device during Hotspot 2.0 (Passpoint) negotiation. (type: String)
 +  * ServiceProviderRoamingEnabled -- Allows connection to roaming service providers if true.
 +  * NAIRealmNames -- NAI realm names used for Wi-Fi HotSpot 2.0. (type: Array of Strings)
 +  * DisplayedOperatorName -- Operator name to display when connected to network. (type: String)
 +  * ProxyType -- How proxy server is configured for the network. (type : String, values: None, Manual, Auto)
 +  * CaptiveBypass -- when connecting, bypass captive network detection or not. (type: Boolean)
 +
 +More information can be found in this Apple documentation: https://developer.apple.com/business/documentation/Configuration-Profile-Reference.pdf
 +
 +<code>
 +<?xml version="1.0" encoding="UTF-8"?>
 +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 +<!-- Used to define the structure of the management tree for the device-->
 +<plist version="1.0">
 +   <dict>
 +      <key>PayloadDisplayName</key>
 +      <string>Wenley-HiFi-1.0.1</string>
 +      <key>PayloadIdentifier</key>
 +      <string>tetrapi.radiusdesk-apple-4</string>
 +      <key>PayloadRemovalDisallowed</key>
 +      <false />
 +      <key>PayloadType</key>
 +      <string>Configuration</string>
 +      <key>PayloadUUID</key>
 +      <string>radiusdesk-apple-3</string>
 +      <key>PayloadVersion</key>
 +      <integer>1</integer>
 +      <key>ExpirationDate</key>
 +      <date>2029-06-22T11:45:30Z</date>
 +      <key>PayloadContent</key>
 +      <array>
 +         <dict>
 +            <key>AutoJoin</key>
 +            <true />
 +            <key>CaptiveBypass</key>
 +            <false />
 +            <key>DisableAssociationMACRandomization</key>
 +            <false />
 +            <key>DisplayedOperatorName</key>
 +            <string>HS2.0 Wenley-HiFi-1.0.1</string>          
 +            <key>DomainName</key>
 +            <string>radiusdesk.com</string>
 +            <key>EAPClientConfiguration</key>
 +            <dict>
 +               <key>AcceptEAPTypes</key>
 +               <array>
 +                  <integer>21</integer>
 +               </array>
 +               <key>TLSTrustedServerNames</key>
 +               <array>
 +<string>uam.mesh-manager.com</string>
 +</array>
 +               <key>TTLSInnerAuthentication</key>
 +               <string>MSCHAPv2</string>
 +               <key>UserName</key>
 +               <string>mathis@hotspottwo</string>
 +               <key>UserPassword</key>
 +               <string>testing123</string>
 +               <key>OuterIdentity</key>
 +               <string>anonymous@hotspottwo</string>
 +            </dict>
 +            <key>EncryptionType</key>
 +            <string>WPA</string>
 +            <key>HIDDEN_NETWORK</key>
 +            <false />
 +            <key>IsHotspot</key>
 +            <true />
 +            <key>PayloadDescription</key>
 +            <string>Configure Passpoint for Tetrapi</string>
 +            <key>PayloadDisplayName</key>
 +            <string>Wi-Fi</string>
 +            <key>PayloadIdentifier</key>
 +            <string>com.apple.wifi.managed.radiusdesk-apple-2</string>
 +            <key>PayloadType</key>
 +            <string>com.apple.wifi.managed</string>
 +            <key>PayloadUUID</key>
 +            <string>radiusdesk-apple-1</string>
 +            <key>PayloadVersion</key>
 +            <integer>1</integer>
 +            <key>ProxyType</key>
 +            <string>None</string>
 +            
 +            
 +            <key>ServiceProviderRoamingEnabled</key>
 +            <true />
 +         </dict>
 +      </array>
 +   </dict>
 +</plist>
 +</code>
 +
 +
 +
 +
 +
  • technical/pp-apple.1750961544.txt.gz
  • Last modified: 2025/06/26 20:12
  • by mathis