I'm working on an iOS enterprise app that relies on an Configuration Profile being put on the phone. Unfortunately, the user can "cancel" this profile, which really screws with our app.

So I was wondering if a) is it possible to prevent a configuration profile from being deleted OR

b) is there a way to check to see if a configuration profile is installed already (say, at runtime, then we can just install it again if it's not there)?

• If you want the configuration profile not to be tampered with / disabled by the user, this is possible! If you're using Apple Configurator to build your .mobileconfig file in the generals tab select security as never. Be aware: once the profile is installed on the device it cannot be reverted unless you restore the device

• The long story short is there is no current documented way to even programmatically call / install a configuration profile (.mobileconfig) file onto the device: so if you're thinking about checking whether the profile exists and if not to install it, it's impossible (as for available documentation thus far) - if you do find a way let me know

Note:

.mobileconfig files can only run through Safari / Mail.

This similar SO discussion may help: Installing a configuration profile on iPhone - programmatically

It is possible to check is .mobileconfig is installed. What you need to do is:

1. Create CA (certificate authority) and export it as .cer.
2. Issue certificate using created CA and export is as well as .cer.
3. Using Apple Configurator app add CA .cer in the certificates area. Mobile configuration profile will have CA .cer.
4. Issued certificate (on step two) add to app bundle.
5. Using Security framework evaluate (SecTrustEvaluate) issued certificate on step 2.