Script to sign a folder of configuration profiles

#!/bin/bash

### Note the hardcoded "JamfSign" certificate name

# Source and destination folders
SOURCE_FOLDER="~/Desktop/source"
DESTINATION_FOLDER="~/Desktop/destination"

# Check if the source and destination folders exist
if [ ! -d "$SOURCE_FOLDER" ]; then
    echo "Source folder not found: $SOURCE_FOLDER"
    exit 1
fi

if [ ! -d "$DESTINATION_FOLDER" ]; then
    echo "Destination folder not found: $DESTINATION_FOLDER"
    exit 1
fi

# Sign and copy files
for file in "$SOURCE_FOLDER"/*.mobileconfig; do
    base_file_name=$(basename "$file")
    signed_file="$DESTINATION_FOLDER/${base_file_name%.mobileconfig}-signed.mobileconfig"

    /usr/bin/security cms -S -N "JamfSign" -i "$file" -o "$signed_file"

    if [ $? -eq 0 ]; then
        echo "Signed and copied $file to $signed_file"
    else
        echo "Failed to sign and copy $file"
    fi
done


Link:
https://learn.jamf.com/en-US/bundle/technical-articles/page/Creating_a_Signing_Certificate_Using_Jamf_Pros_Built-in_CA_to_Use_for_Signing_Configuration_Profiles_and_Packages.html#:~:text=In%20Jamf%20Pro%2C%20navigate%20to,Certificate%20Type%20pop%2Dup%20menu.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top
Share via
Copy link