Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Apple MDM Vendor CSR Signing

Tags:

java

ios

iphone

mdm

I hit 'Invalid Certificate Signing Request' when uploading plist to https://identity.apple.com/pushcert/ , and below are steps I used to generate plist :

  1. As a vendor, create vendor CSR using KeyChain Access of the MacBook to upload to member centre to generate MDM signing certificate, and export private key from KeyChain Access in p12 format, say vendor.p12
  2. Create customer CSR, using Openssl :
    - openssl genrsa -des3 -out customerPrivateKey.pem 2048
    - openssl req -new -key customerPrivateKey.pem -out customer.csr
  3. As a vendor, download MDM signing certificate, WWDR intermediate certificate from provisioning portal, and download Apple root certificate from http://www.apple.com/appleca/AppleIncRootCertificate.cer, then use below command to convert these three certs to PEM format one by one which will be read by program as the PushCertCertificateChain :
    - openssl x509 -inform der -in AppleWWDRCA.cer -out chain.pem
  4. As a vendor, following sample java code in Mobile Device Management Protocol Reference, I sign the customer.csr with the private key extracted from vendor.p12
  5. Using Safari to upload generated plist to https://identity.apple.com/pushcert/ with customer Apple ID

Is there anything wrong with above steps? Please advise. Thanks a lot!

like image 786
CrimsonWorks Avatar asked Dec 14 '11 07:12

CrimsonWorks

People also ask

How do I become a vendor for Apple MDM?

Show activity on this post. 2) Contact Apple (https://developer.apple.com/contact/submit.php) and ask to be an MDM vendor. They should enable you as an MDM vendor and you will have a "Other" tab in your "Certificates" section to send a Cert. Signing Request for MDM purposes.

What is an Apple push certificate?

Apple Push Certificate helps APNs to identify the provider of the push notifications and the application that receives the push notifications. Apple's terms of service require that each legal entity that manages Apple devices, must acquire its own certificate.

How is an iOS MDM certificate obtained?

Click Download Certificate Signing Request. Click the Apple Push Certificates Portal link to start the process of requesting the MDM certificate. When you receive the certificate, click Upload MDM Certificate to open the Upload MDM Certificate window. Click Browse to select the MDM certificate.

Is Apple MDM push certificate free?

Answer: A: MDM push certificates are always free. Everything within the MDM and ASM/ABM framework are free.

1 Answers

Please see detailed steps and source code here to generate plist.

like image 118
Softhinker.com Avatar answered Oct 26 '22 22:10

Softhinker.com
Sign in to Comment

Related questions

Potential pitfalls in using a JMS queue?
Generics vs. Interfaces
Save custom object array in instance state
how to kill a thread which is waiting for blocking function call in Java?
Custom Exceptions: Differentiate via many subclasses or single class backed with enum?
How can I create a JTextArea with a specified width and the smallest possible height required to display all the text?
Perl or Java Sentiment Analysis
Spring and Hibernate suddenly set the transaction to readonly
LookAndFeel-independent reference of color keys
Wireless API for Linux in C or Java
Library to manage XAdES signatures in Java [closed]
What is "Sim blocking" (seen in tomcat doc)?
Why doesn't the JVM compile the entire program up front, instead of compiling it piece-by-piece?
How to use @Pattern on non-mandatory fields JSR 303
Should annotations in jar305.jar be preferred over similar annotations in annotation.jar for FindBugs?
What is the java.sql.Types equivalent for the MySQL TEXT?
The inherited method Object.clone() cannot hide the public abstract method
Efficiently color cycling an image in Java
Strategy for parsing natural language descriptions into structured data
Spring Dependency Injection and Plugin Jar

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!