7

Apple MDM is used. It is MDM using APNs.

  • The topic of mobileconfig is the same as the thing of Subject of APSP-XXX.pem.
  • The character string of a device token and PushMagic reached the MDM server after the setup of mobileconfig.

I sent wording of a telegram for device tokens using APNs. It is replacing by the character string of PushMagic. Although {"mdm":"xxxxxxxxxxxxx-xxxx-xxxx-xxxx"} is sent via APNs from the MDM server, iPhone is not reached.

Why is it?

Richard Slater
  • 6,313
  • 4
  • 53
  • 81
Tsurumaru Makoto
  • 229
  • 6
  • 20
  • Can you provide more detail on the steps you take to send the APNS notification to the enrolled device? – rlandster May 14 '12 at 04:19
  • I generated push certificate for MDM. Its got a valid subject/topic. When viewed in keychain store it says "This certificate was signed by an unknown authority". There's also no private key associated with it. Any idea whats wrong? – Sahil Khanna Sep 05 '12 at 09:09

3 Answers3

2

Follow MDM_Protocol pdf very carefully.

If you are following this link: http://www.softhinker.com/in-the-news/iosmdmvendorcsrsigning Then verify few things.

remove the passphrase from customerPrivateKey.pem using this command

openssl rsa -in customerPrivateKey.pem -out PlainKey.pem

Then merge your APNS certificate (for example CustomerCompanyName.pem) downloaded from the portal https://identity.apple.com/pushcert/ using this command

cat CustomerCompanyName.pem PlainKey.pem > PlainCert.pem

Now this PlainCert.pem file can be used in your server as APNS/MDM certificate.

If still there is issue,please show here your device log.

User97693321
  • 3,336
  • 7
  • 45
  • 69
  • @TsurumaruMakoto Hi, Will you please help me in setting up MDM server for iOS devices. I have done all the certificsates part using this reference https://github.com/project-imas/mdm-server . I am stuck what to do now ? Please help me. – sau Jun 08 '15 at 13:00
  • could you please check this, https://stackoverflow.com/q/44886700/3145189 – Sheshnath Jul 03 '17 at 13:27
0

the issue may be because two reasons:

  1. key and pem both should be present.
  2. password used should belong to the password use while creating pem
Varun Jain
  • 73
  • 2
  • 8
0

I made a python script that does the vendor signing part, so you don't have to use the softhinker java code.

https://github.com/grinich/mdmvendorsign

Michael Grinich
  • 4,770
  • 8
  • 29
  • 30