IOS8 SCEP注册在第二次安装时失败

时间:2015-03-03 08:34:55

标签: ios ios8 certificate ota jscep

OTA证书注册流程可根据需要多次在IOS7设备上运行。

相关的IOS7日志,用于基于相同的config / ca /​​签名证书等安装第二个证书:

  profiled[1397] <Notice>: (Note ) MC: Retrieving profile from OTA Profile service...
 profiled[1397] <Notice>: (Note ) MC: Received final profile: com.myConfig.profile
 profiled[1397] <Notice>: (Note ) MC: Beginning profile installation...
 <Notice>: (Note ) MC: Profile “com.myConfig.profile” is replacing an existing profile having the same identifier.
 securityd[1349] <Error>:  SecDbItemInsertOrReplace INSERT failed: The operation couldn’t be completed. (com.apple.utilities.sqlite3 error 19 - reset: [19] columns ctyp, issr, slnr, agrp, sync are not unique sql: INSERT INTO cert(rowid,cdat,mdat,ctyp,cenc,labl,alis,subj,issr,slnr,skid,pkhh,data,agrp,pdmn,sync,tomb,sha1)VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?))
 securityd[1349] <Error>:  securityd_xpc_dictionary_handler profiled[1397] add The operation couldn’t be completed. (OSStatus error -25299 - duplicate item O,cert,85233947,L,dku,apple,0,ctyp,cenc,labl,subj,issr,slnr,pkhh,v_Data,20150303054909.447036Z,CF75A17F)
 profiled[1397] <Error>:  SecOSStatusWith error:[-25299] The operation couldn’t be completed. (OSStatus error -25299 - Remote error : The operation couldn‚Äôt be completed. (OSStatus error -25299 - duplicate item O,cert,85233947,L,dku,apple,0,ctyp,cenc,labl,subj,issr,slnr,pkhh,v_Data,20150303054909.447036Z,CF75A17F))
 profiled[1397] <Notice>: (Note ) MC: Attempting to retrieve issued certificate...
 securityd[1349] <Error>:  CFPropertyListReadFromFile file file:///Users/Library/Developer/CoreSimulator/Devices/9B6A7852-9C11-4FCC-8327-E1BD33EA7CF5/data/Library/Keychains/accountStatus.plist: The operation couldn’t be completed. (Cocoa error 260.)
 <Notice>: (Note ) MC: Issued certificate received.
 securityd[1349] <Error>:  SecDbItemInsertOrReplace INSERT failed: The operation couldn’t be completed. (com.apple.utilities.sqlite3 error 19 - reset: [19] columns kcls, klbl, atag, crtr, type, bsiz, esiz, sdat, edat, agrp, sync are not unique sql: INSERT INTO keys(rowid,cdat,mdat,kcls,labl,alis,perm,priv,modi,klbl,atag,crtr,type,bsiz,esiz,sdat,edat,sens,asen,extr,next,encr,decr,drve,sign,vrfy,snrc,vyrc,wrap,unwp,data,agrp,pdmn,sync,tomb,sha1)VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?))
 securityd[1349] <Error>:  securityd_xpc_dictionary_handler profiled[1397] add The operation couldn’t be completed. (OSStatus error -25299 - duplicate item O,keys,0CC69ECD,L,dku,apple,0,kcls,labl,perm,priv,modi,klbl,atag,crtr,type,bsiz,esiz,sdat,edat,sens,asen,extr,next,encr,decr,drve,sign,vrfy,snrc,vyrc,wrap,unwp,v_Data,20150303054921.112843Z,344A0836)
 <Error>:  SecOSStatusWith error:[-25299] The operation couldn’t be completed. (OSStatus error -25299 - Remote error : The operation couldn‚Äôt be completed. (OSStatus error -25299 - duplicate item O,keys,0CC69ECD,L,dku,apple,0,kcls,labl,perm,priv,modi,klbl,atag,crtr,type,bsiz,esiz,sdat,edat,sens,asen,extr,next,encr,decr,drve,sign,vrfy,snrc,vyrc,wrap,unwp,v_Data,20150303054921.112843Z,344A0836))
 profiled[1397] <Notice>: (Note ) MC: Profile “com.myConfig.profile” installed.
 profiled[1397] <Notice>: (Note ) MC: Removing certificate with persistent ID 636572740000000000000005
 securityd[1349] <Error>:  CFPropertyListReadFromFile file file:///Users/Library/Developer/CoreSimulator/Devices/9B6A7852-9C11-4FCC-8327-E1BD33EA7CF5/data/Library/Keychains/accountStatus.plist: The operation couldn’t be completed. (Cocoa error 260.)
 <Notice>: (Note ) MC: Removing certificate with persistent ID 69646e740000000000000006
 profiled[1397] <Notice>: (Note ) MC: Removing certificate with persistent ID 69646e740000000000000007
 profiled[1397] <Notice>: (Note ) MC: Removing certificate with persistent ID 69646e740000000000000001
 profiled[1397] <Notice>: (Note ) MC: Removing certificate with persistent ID 69646e740000000000000004

在IOS8下,初始注册和配置文件安装有效。但是,在任何后续注册中都会引发以下错误:

profiled[2253]: (Note ) MC: Checking for MDM installation...
profiled[2253]: (Note ) MC: ...finished checking for MDM installation.
profiled[2253]: (Note ) MC: Enrolling in OTA Profile service...
profiled[2253]:  SecTrustEvaluate  [leaf AnchorTrusted]
securityd[1617]:  securityd_xpc_dictionary_handler profiled[2253] add The operation couldn’t be completed. (OSStatus error -25299 - duplicate item O,cert,688B8CB6,L,dku,com.apple.certificates,0,ctyp,cenc,labl,subj,issr,slnr,pkhh,v_Data,20150303080953.465563Z,6CDCA2CB)
profiled[2253]:  SecOSStatusWith error:[-25299] The operation couldn’t be completed. (OSStatus error -25299 - Remote error : The operation couldn‚Äôt be completed. (OSStatus error -25299 - duplicate item O,cert,688B8CB6,L,dku,com.apple.certificates,0,ctyp,cenc,labl,subj,issr,slnr,pkhh,v_Data,20150303080953.465563Z,6CDCA2CB))
profiled[2253]:  SecTrustEvaluate  [leaf AnchorTrusted]
profiled[2253]: (Note ) MC: Attempting to retrieve issued certificate...
profiled[2253]:  SecTrustEvaluate  [leaf AnchorTrusted ValidLeaf ValidRoot]
profiled[2253]: (Note ) MC: Issued certificate received.
securityd[1617]:  securityd_xpc_dictionary_handler profiled[2253] add The operation couldn’t be completed. (OSStatus error -25299 - duplicate item O,cert,B7CCBFFA,L,dku,com.apple.identities,0,ctyp,cenc,labl,subj,issr,slnr,pkhh,v_Data,20150303080954.973098Z,0A162218)
profiled[2253]:  SecOSStatusWith error:[-25299] The operation couldn’t be completed. (OSStatus error -25299 - Remote error : The operation couldn‚Äôt be completed. (OSStatus error -25299 - duplicate item O,cert,B7CCBFFA,L,dku,com.apple.identities,0,ctyp,cenc,labl,subj,issr,slnr,pkhh,v_Data,20150303080954.973098Z,0A162218))
profiled[2253]: *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '*** setObjectForKey: key cannot be nil'
    *** First throw call stack:
    (
        0   CoreFoundation                      0x00000001057cff35 __exceptionPreprocess + 165
        1   libobjc.A.dylib                     0x0000000107deebb7 objc_exception_throw + 45
        2   CoreFoundation                      0x00000001056d6998 -[__NSDictionaryM setObject:forKey:] + 968
        3   profiled                            0x0000000105222227 profiled + 209447
        4   profiled                            0x000000010522297a profiled + 211322
        5   libdispatch.dylib                   0x0000000108554af4 _dispatch_client_callout + 8
        6   libdispatch.dylib                   0x000000010853eabb _dispatch_barrier_sync_f_invoke + 76
        7   profiled                            0x00000001052228f7 profiled + 211191
        8   profiled                            0x00000001052360e0 profiled + 291040
        9   profiled                            0x0000000105236a4d profiled + 293453
        10  profiled                            0x000000010523c60b profiled + 316939
        11  profiled                            0x00000001051f29ef profiled + 14831
        12  libdispatch.dylib                   0x000000010853aaf6 _dispatch_call_block_and_release + 12
        13  libdispatch.dylib                   0x0000000108554af4 _dispatch_client_callout + 8
        14  libdispatch.dylib                   0x000000010853f8cf _dispatch_queue_drain + 733
        15  libdispatch.dylib                   0x000000010853f494 _dispatch_queue_invoke + 217
        16  libdispatch.dylib                   0x00000001085413fa _dispatch_root_queue_drain + 479
        17  libdispatch.dylib                   0x00000001085422c9 _dispatch_worker_thread3 + 98
        18  libsystem_pthread.dylib             0x00000001088d4637 _pthread_wqthread + 729
        19  libsystem_pthread.dylib             0x00000001088d240d start_wqthread + 13
    )

当SCEP服务器向IOS8设备发送对GetCaCert的响应时发生错误,GetCaCert是一个不会改变的静态ca证书。我还尝试在重新安装之前删除已安装的配置文件,但这并未改变观察到的行为。只有重置才能使配置文件安装成功。

有人有什么想法吗?

0 个答案:

没有答案
相关问题
最新问题