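<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <!-- https://developer.apple.com/library/content/featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html -->
    <!--
        Template for an Apple configuration profile that sets up one IKEv2 VPN
        connection with certificate authentication. It carries three payloads:
        the VPN settings, the client identity as PKCS#12, and the issuing CA
        certificate.

        The double-brace placeholders are filled in by rendering code that is
        not part of this file. Values that land in string elements (gateway,
        common_name, the authority common name) must be XML-escaped; whether
        the renderer escapes automatically cannot be seen here. TODO confirm.

        The rendered profile embeds the client private key (see the pkcs12
        payload below), so treat the output as a secret: deliver it only over
        an authenticated, encrypted channel and keep it out of caches and logs.
        Nothing in this template signs or encrypts the profile.
    -->
    <key>PayloadDisplayName</key>
    <string>{{ gateway }}</string>
    <key>PayloadDescription</key>
    <string>IPSec IKEv2 VPN connection via {{ gateway }}</string>
    <!-- This is a reverse-DNS style unique identifier used to detect duplicate profiles -->
    <!-- NOTE(review): the value used here is the gateway name as given, not a reversed one -->
    <key>PayloadIdentifier</key>
    <string>{{ gateway }}</string>
    <key>PayloadUUID</key>
    <string>{{ service_uuid }}</string>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
    <key>PayloadContent</key>
    <array>
        <!-- Payload 1: the VPN connection itself -->
        <dict>
            <key>PayloadIdentifier</key>
            <string>{{ gateway }}.conf1</string>
            <key>PayloadUUID</key>
            <string>{{ conf_uuid }}</string>
            <key>PayloadType</key>
            <string>com.apple.vpn.managed</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
            <key>UserDefinedName</key>
            <string>{{ gateway }}</string>
            <key>VPNType</key>
            <string>IKEv2</string>
            <key>IKEv2</key>
            <dict>
                <key>RemoteAddress</key>
                <string>{{ gateway }}</string>
                <!-- Identity the gateway is expected to present; same value as the address -->
                <key>RemoteIdentifier</key>
                <string>{{ gateway }}</string>
                <key>LocalIdentifier</key>
                <string>{{ common_name }}</string>
                <!--
                    Server certificate checks: the issuer common name must be the
                    authority's and the subject common name must be the gateway's.
                    Both are plain name matches, so they are only as strong as the
                    uniqueness of those names under the installed CA.
                -->
                <key>ServerCertificateIssuerCommonName</key>
                <string>{{ authority.certificate.common_name }}</string>
                <key>ServerCertificateCommonName</key>
                <string>{{ gateway }}</string>
                <key>AuthenticationMethod</key>
                <string>Certificate</string>
                <!--
                    IKE SA proposal. The gateway must offer the same set or the
                    negotiation fails. Group 14 is 2048-bit MODP; an elliptic-curve
                    group such as 19 or 20 gives more margin where the gateway
                    supports it, but has to be changed on both sides together.
                -->
                <key>IKESecurityAssociationParameters</key>
                <dict>
                    <key>EncryptionAlgorithm</key>
                    <string>AES-256</string>
                    <key>IntegrityAlgorithm</key>
                    <string>SHA2-384</string>
                    <key>DiffieHellmanGroup</key>
                    <integer>14</integer>
                </dict>
                <!--
                    Child (ESP) SA proposal, which protects the tunnelled traffic.
                    Note the cipher is 128-bit here while the IKE SA uses 256-bit.
                    AES-128-GCM is an AEAD cipher, so the separate IntegrityAlgorithm
                    is presumably not used for it; confirm against the gateway's
                    ESP proposal.
                -->
                <key>ChildSecurityAssociationParameters</key>
                <dict>
                    <key>EncryptionAlgorithm</key>
                    <string>AES-128-GCM</string>
                    <key>IntegrityAlgorithm</key>
                    <string>SHA2-256</string>
                    <key>DiffieHellmanGroup</key>
                    <integer>14</integer>
                </dict>
                <!-- Perfect forward secrecy switched on for this connection -->
                <key>EnablePFS</key>
                <integer>1</integer>
                <!-- Same UUID as the pkcs12 payload below: selects it as the client identity -->
                <key>PayloadCertificateUUID</key>
                <string>{{ p12_uuid }}</string>
            </dict>
        </dict>
        <!--
            Payload 2: client identity as PKCS#12, base64 inside the data element.
            No Password key is set, so the bundle password is expected to be
            supplied at install time rather than stored in the profile.
        -->
        <dict>
            <key>PayloadIdentifier</key>
            <string>{{ common_name }}</string>
            <key>PayloadUUID</key>
            <string>{{ p12_uuid }}</string>
            <key>PayloadType</key>
            <string>com.apple.security.pkcs12</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
            <key>PayloadContent</key>
            <data>{{ p12 }}</data>
        </dict>
        <!--
            Payload 3: the authority certificate, installed as a root. This
            affects what the device trusts beyond this one connection, so the
            CA key's custody and the CA's scope matter to every device that
            installs the profile.
        -->
        <dict>
            <key>PayloadIdentifier</key>
            <string>{{ authority.certificate.common_name }}</string>
            <key>PayloadUUID</key>
            <string>{{ ca_uuid }}</string>
            <key>PayloadType</key>
            <string>com.apple.security.root</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
            <key>PayloadContent</key>
            <data>{{ ca }}</data>
        </dict>
    </array>
</dict>
</plist>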