Versions Compared

Old Version 96

changes.mady.by.user Former user

Saved on

compared with

New Version 97

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Let's take a look at the tasks that Tom, the EMM administrator of MobX, has to do from downloading WSO2 EMM to registering the iOS device of Kim, the device owner.

...

Tip
titleBefore you begin
  1. WSO2 EMM supports devices on iOS 7, 8, 9, and 10.
  2. Install Oracle Java SE Development Kit (JDK) version 1.7.* or 1.8.* and set the JAVA_HOME environment variable. For more information on setting up JAVA_HOME on your OS, see Installing the Product.
  3. Download WSO2 EMM.

  4. Start WSO2 EMM by navigating to the <EMM_HOME>/bin directory using the command-line and executing wso2server.bat --run (for Windows) or wso2server.sh (for Linux).
    Example: Starting WSO2 EMM on a Linux OS.

    Code Block
    cd <EMM_HOME>/bin
./wso2server.sh

    The server starts, and the command line displays the management console URL, which ends in /carbon/. Note the host and port in this URL, which you will use in the next step to access the EMM console.

  5. In your browser, access the EMM Console by navigating to https://<EMM_HOST>:<EMM_PORT>/emm and log in using admin as the username and password.

  6. Obtain a signed Certificate Signing Request (CSR) file in the .plst format using any approach listed below:

    Note

    You need to have the signed CSR file in order to successfully configure WSO2 EMM with iOS. The CSR file you submit via the WSO2 site will be evaluated by the WSO2 Account Managers and then the required content to proceed with the iOS configurations will be sent within 3 to 4 working days. Therefore, we recommend you to obtain the signed CSR file before trying out this guide. 

    • Get your own certificate signed by Apple 

      You can use this method, if you were not successful in the WSO2 CSR evaluation process or if you wish to get your certificate directly signed by Apple. When following this approach, initially, register your organization with the Apple Developer Enterprise Program. Thereafter, follow the steps mentioned in MDM Vendor CSR Signing Overview


       

      Warning

      WSO2 only issues signed certificates to organizations who have successfully passed the evaluation process.

    • Make a request to WSO2, who is a registered EMM vendor with Apple, and get your certificate signed 
      When following this approach, carry out the steps mentioned below. After submitting the CSR file, a WSO2 Account Manager will contact you in due course to evaluate your request. 

      WSO2 only issues signed certificates to organizations who have successfully passed the evaluation process.
       

    1. Create a CSR file (e.g., customer.csr) from the EMM server using a private key.

      Info

      • Keep your private key and CSR file in a safe location.

      • You are prompted to provide a passphrase to secure the private key when generating it using the commands given below. Be sure to remember the passphrase, as you will need it again.

      Code Block
      openssl genrsa -des3 -out customerPrivateKey.pem 2048
openssl req -new -key customerPrivateKey.pem -out customer.csr

    2. Enter the requested information when prompted. This information is incorporated into the CSR with your organization’s official details. For example,

      Info

      Note that if you do not give the required information, your CSRs will be rejected in the signing process.

      Given below are the required fields:

      Field

      Usage/Purpose

      Organization Name

      Identifies the organization that the CSR belongs to. For this scenario, we entered MobX.

      Email

      When a certificate expires, the user has to renew the certificate. The email is used to identify the existing users. For this scenario, we entered tom@mobx.com as the email.

      Commonname

      Fully qualified domain name of your server.

    3. To get a signed CSR file in .plist format, submit the CSR file to WSO2 via the WSO2 site.

    4. Note that WSO2 account managers evaluate the CSR files and send you an email with the following information within 3 to 4 working days.

      • The signed CSR file in the .plst format
      • Agent source code
      • P2 repository, which contains the feature list

...

Generating an MDM APNS certificate

Except for a few operations (ring, message and get location) that are performed by the WSO2 EMM agent, all the other device operations, and policies are applied on an iOS device via it's operating system. Therefore, for the WSO2 EMM server to communicate with the operating system of the device, you need to generate the MDM APNS certificate.

The MDM APNS certificate will be referred to as the MDM certificate in the EMM Console.

...

  1. Open the <EMM_HOME>/repository/conf/app-manager.xml file.

  2. Add %https% as the value for the AppDownloadURLHost property.

    Code Block
    <Config name="AppDownloadURLHost">%https%</Config>
    Tip

    Tip: To test WSO2 EMM App management features on Android devices, please use one of the following options:

    • Change the value of the AppDownloadURLHost property back to HTTP 
    • Continue using HTTPS to install applications on Android devices by Generating a BKS File for Android.

...