com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_link3' is unknown.

Obtaining the Signed CSR File

To test out the iOS device enrollment process of WSO2 EMM, you need to have the required certificates made available via Apple, for this you can use one of the following approaches:

  • Make a request to WSO2, who is a registered EMM vendor with Apple, and get your certificate signed
    When following this approach, carryout the steps mentioned under Obtaining the Signed CSR file. After submitting the CSR file, a WSO2 Account Manager will contact you in due course to evaluate your request. 

    WSO2 only issues signed certificates to organizations who have successfully passed the evaluation process.

  • Get your own certificate signed by Apple
    You can use this method, if you were not successful in the WSO2 CSR evaluation process or if you wish to get your certificate directly signed by Apple. When following this approach, initially, register your organization with the Apple Developer Enterprise Program. Thereafter, follow the steps mentioned in MDM Vendor CSR Signing Overview. 

NOTE

The signed certificate is only valid for a year. Once the certificate expires, you can renew it as explained below:

  • If you have subscribed to WSO2 to receive production support, raise a ticket to renew your expired certificate and the WSO2 team will get back to you with the renewed certificate. However, the best practice would be for your organizations to obtain their certificates from Apple.
  • If you have not subscribed to WSO2, you need to generate your own signed certificate.

Once the certificate is renewed, you need to add the newly generated certificate under iOS platform configurations in the WSO2 EMM console as explained in step 5 of the iOS platform configuration guide.

Follow the instructions below to obtain the signed CSR file in the .plst format:

  1. Create a Certificate Signing Request (CSR) file (e.g., customer.csr)  from the EMM server using your private key. Keep your private key and CSR file in a safe location for further reference.

    openssl genrsa -des3 -out customerPrivateKey.pem 2048
    openssl req -new -key customerPrivateKey.pem -out customer.csr

    After the above command is executed, you will be prompted to enter some information. Make sure to fill in all the information as it will be incorporated into the CSR with your organization’s official details. The compulsory fields have been described as follows:

    Filed

    Usage/Purpose

    Organization Name

    Identifies what organization the CSR belongs to.

    Email

    When a certificate expires, the customers will have to renew their certificate. In such situations, the email will be used to identify the existing customers.

    Common name

    Fully qualified domain name of your server.

    If the compulsory information is not provided, the CSRs will be rejected in the signing process.

    The following is a screenshot of a sample CSR file generation process in Linux. The same process is applicable to Mac users as well.

  2. Submit the CSR file to WSO2 via our site in order to obtain the signed CSR file in .plist format.

    A WSO2 Account Manager will evaluate the CSR file that you submitted and will get in touch with you in due course. After you successfully complete the evaluation process, you will receive an email with the following:

    • The signed CSR file in the .plst format.
    • Agent source code.
    • P2 repository, which contains the feature list.

What's next

Follow the proceeding steps in iOS server configurations.

com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_links2' is unknown.