...
Create a Certificate Signing Request (CSR) file (for example,
customer.csr) from the MDM server using your private key. Keep your private key and CSR file in a safe location for further reference.Code Block openssl genrsa -des3 -out customerPrivateKey.pem 2048 openssl req -new -key customerPrivateKey.pem -out customer.csr
- Submit the CSR file to WSO2 via our site in order to obtain the signed CSR file in
.plistformat. - Go to the Apple Push Certificate Portal at https://identity.apple.com/pushcert/ and login with your customer account details.
You do not need to have an enterprise account for this purpose. - Upload the the encoded
.plistfile and download the generated MDM signing certificate (MDM_Certificate.pem).
The MDM signing certificate, is a certificate for 3rd party servers provided by Apple.
Note down theAnchor MDM_APNS_TopicID MDM_APNS_TopicID USERID(TOPIC ID) from the MDM signing certificate (MDM_Certificate.pem)as it will be used later in the configuration.
For example, you can use the following URL to decode the file to obtain theUSERID:
http://www.sslshopper.com/certificate-decoder.html- Remove the password from the your private key file (e.g.,
customerPrivateKey.pem).
openssl rsa -in customerPrivateKey.pem -out customerKey.pem - Merge the customer key file that was derived in the latter step, with the MDM signing certificate to generate the MDM Apple Push Notification Service (APNS) Certificate.
For example, merge thecustomerKey.pemfile with theMDM_Certificate.pemfile to generate theMDM_APNSCert.pemfile.
cat MDM_Certificate.pem customerKey.pem > MDM_APNSCert.pem - Open the MDM Apple Push Notification service (APNs) Certificate (
MDM_APNSCert.pem) and ensure that there is a line break between the contents of the two files.
Convert theAnchor pem_pfx pem_pfx MDM_APNSCert.pemfile to theMDM_APNSCert.pfxfile. You will need to provide a password when converting the file.
openssl pkcs12 -export -out MDM_APNSCert.pfx -inkey customerPrivateKey.pem -in MDM_APNSCert.pem