pinecrypt-gateway-frontend/templates/snippets/ios.mobileconfig

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <!-- https://developer.apple.com/library/content/featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html -->
    <key>PayloadDisplayName</key>
    <string>{{ gateway }}</string>
    <key>PayloadDescription</key>
    <string>IPSec IKEv2 VPN connection via {{ gateway }}</string>
    <!-- This is a reverse-DNS style unique identifier used to detect duplicate profiles -->
    <key>PayloadIdentifier</key>
    <string>{{ gateway }}</string>
    <key>PayloadUUID</key>
    <string>{{ service_uuid }}</string>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
    <key>PayloadContent</key>
    <array>
        <dict>
            <key>PayloadIdentifier</key>
            <string>{{ gateway }}.conf1</string>
            <key>PayloadUUID</key>
            <string>{{ conf_uuid }}</string>
            <key>PayloadType</key>
            <string>com.apple.vpn.managed</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
            <key>UserDefinedName</key>
            <string>{{ gateway }}</string>
            <key>VPNType</key>
            <string>IKEv2</string>
            <key>IKEv2</key>
            <dict>
                <key>RemoteAddress</key>
                <string>{{ gateway }}</string>
                <key>RemoteIdentifier</key>
                <string>{{ gateway }}</string>
                <key>LocalIdentifier</key>
                <string>{{ common_name }}</string>
                <key>ServerCertificateIssuerCommonName</key>
                <string>{{ authority.certificate.common_name }}</string>
                <key>ServerCertificateCommonName</key>
                <string>{{ gateway }}</string>
                <key>AuthenticationMethod</key>
                <string>Certificate</string>
                <key>IKESecurityAssociationParameters</key>
                <dict>
                    <key>EncryptionAlgorithm</key>
                    <string>AES-256</string>
                    <key>IntegrityAlgorithm</key>
                    <string>SHA2-384</string>
                    <key>DiffieHellmanGroup</key>
                    <integer>14</integer>
                </dict>
                <key>ChildSecurityAssociationParameters</key>
                <dict>
                    <key>EncryptionAlgorithm</key>
                    <string>AES-128-GCM</string>
                    <key>IntegrityAlgorithm</key>
                    <string>SHA2-256</string>
                    <key>DiffieHellmanGroup</key>
                    <integer>14</integer>
                </dict>
                <key>EnablePFS</key>
                <integer>1</integer>
                <key>PayloadCertificateUUID</key>
                <string>{{ p12_uuid }}</string>
            </dict>
        </dict>
        <dict>
            <key>PayloadIdentifier</key>
            <string>{{ common_name }}</string>
            <key>PayloadUUID</key>
            <string>{{ p12_uuid }}</string>
            <key>PayloadType</key>
            <string>com.apple.security.pkcs12</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
            <key>PayloadContent</key>
            <data>{{ p12 }}</data>
        </dict>
        <dict>
            <key>PayloadIdentifier</key>
            <string>{{ authority.certificate.common_name }}</string>
            <key>PayloadUUID</key>
            <string>{{ ca_uuid }}</string>
            <key>PayloadType</key>
            <string>com.apple.security.root</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
            <key>PayloadContent</key>
            <data>{{ ca }}</data>
        </dict>
    </array>
</dict>
</plist>
Initial commit 2021-05-27 10:15:46 +00:00			`<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">`
			`<plist version="1.0">`
			`<dict>`
			`<!-- https://developer.apple.com/library/content/featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html -->`
			`<key>PayloadDisplayName</key>`
			`<string>{{ gateway }}</string>`
			`<key>PayloadDescription</key>`
			`<string>IPSec IKEv2 VPN connection via {{ gateway }}</string>`
			`<!-- This is a reverse-DNS style unique identifier used to detect duplicate profiles -->`
			`<key>PayloadIdentifier</key>`
			`<string>{{ gateway }}</string>`
			`<key>PayloadUUID</key>`
			`<string>{{ service_uuid }}</string>`
			`<key>PayloadType</key>`
			`<string>Configuration</string>`
			`<key>PayloadVersion</key>`
			`<integer>1</integer>`
			`<key>PayloadContent</key>`
			`<array>`
			`<dict>`
			`<key>PayloadIdentifier</key>`
			`<string>{{ gateway }}.conf1</string>`
			`<key>PayloadUUID</key>`
			`<string>{{ conf_uuid }}</string>`
			`<key>PayloadType</key>`
			`<string>com.apple.vpn.managed</string>`
			`<key>PayloadVersion</key>`
			`<integer>1</integer>`
			`<key>UserDefinedName</key>`
			`<string>{{ gateway }}</string>`
			`<key>VPNType</key>`
			`<string>IKEv2</string>`
			`<key>IKEv2</key>`
			`<dict>`
			`<key>RemoteAddress</key>`
			`<string>{{ gateway }}</string>`
			`<key>RemoteIdentifier</key>`
			`<string>{{ gateway }}</string>`
			`<key>LocalIdentifier</key>`
			`<string>{{ common_name }}</string>`
			`<key>ServerCertificateIssuerCommonName</key>`
			`<string>{{ authority.certificate.common_name }}</string>`
			`<key>ServerCertificateCommonName</key>`
			`<string>{{ gateway }}</string>`
			`<key>AuthenticationMethod</key>`
			`<string>Certificate</string>`
			`<key>IKESecurityAssociationParameters</key>`
			`<dict>`
			`<key>EncryptionAlgorithm</key>`
			`<string>AES-256</string>`
			`<key>IntegrityAlgorithm</key>`
			`<string>SHA2-384</string>`
			`<key>DiffieHellmanGroup</key>`
			`<integer>14</integer>`
			`</dict>`
			`<key>ChildSecurityAssociationParameters</key>`
			`<dict>`
			`<key>EncryptionAlgorithm</key>`
			`<string>AES-128-GCM</string>`
			`<key>IntegrityAlgorithm</key>`
			`<string>SHA2-256</string>`
			`<key>DiffieHellmanGroup</key>`
			`<integer>14</integer>`
			`</dict>`
			`<key>EnablePFS</key>`
			`<integer>1</integer>`
			`<key>PayloadCertificateUUID</key>`
			`<string>{{ p12_uuid }}</string>`
			`</dict>`
			`</dict>`
			`<dict>`
			`<key>PayloadIdentifier</key>`
			`<string>{{ common_name }}</string>`
			`<key>PayloadUUID</key>`
			`<string>{{ p12_uuid }}</string>`
			`<key>PayloadType</key>`
			`<string>com.apple.security.pkcs12</string>`
			`<key>PayloadVersion</key>`
			`<integer>1</integer>`
			`<key>PayloadContent</key>`
			`<data>{{ p12 }}</data>`
			`</dict>`
			`<dict>`
			`<key>PayloadIdentifier</key>`
			`<string>{{ authority.certificate.common_name }}</string>`
			`<key>PayloadUUID</key>`
			`<string>{{ ca_uuid }}</string>`
			`<key>PayloadType</key>`
			`<string>com.apple.security.root</string>`
			`<key>PayloadVersion</key>`
			`<integer>1</integer>`
			`<key>PayloadContent</key>`
			`<data>{{ ca }}</data>`
			`</dict>`
			`</array>`
			`</dict>`
			`</plist>`