3.13.4 Procedure for creating a configuration profile on the communication server (when managing iOS devices)
Create a configuration profile on the communication server in order to distribute client certificates to iOS devices. You need to perform this procedure only when managing iOS devices.
Prerequisites
The following procedure is provided based on the iPhone Configuration Utility version 3.6.
Procedure
-
Install the Apple iPhone Configuration Utility.
-
In the left pane of the window, select Library, and then Configuration Profiles. Then, click the New button at the top of the window.
-
Specify the General settings as follows:
Item
Specifiable value
Name
Any
Identifier
Any
Organization
Any
Description
Any
Consent Message
Any
Security
Select With Authentication.
Automatically Remove Profile
Select Never.
-
In the Credentials settings, select the root certificate used for connecting iOS devices to the communication server. Then, enter the credential name, and then add the root certificate. (This step is required if the root certificate for the communication server is not installed on an iOS device.)
- Tip
-
You can also set root certificates for individual iOS devices.
-
In the Credentials settings, select the client certificate used by iOS devices to connect to the communication server. Then, enter the credential name and the password for the certificate, and then add the client certificate.
-
In the Credentials settings, select the client certificate (APNsMDMPushDev.p12) used by iOS devices to connect to the APNs server. Then, enter the credential name and the password for the certificate, and then add the client certificate.
-
Specify the Mobile Device Management Settings information as follows:
Item
Specifiable value
Server URL
https://communication-server-host-name:26055/CommunicationServerWeb/ios/server
Check in URL
https://communication-server-host-name:26055/CommunicationServerWeb/ios/checkin
Topic
Set the UID in the Subject DN of the MDM certificate created by using the Apple Push Certificates Portal.
Identity
In the list, select the credential name specified in step 5, which is used for connecting to the communication server.
Sign messages
Select the check box.
Check Out When Removed
Select the check box.
Access Rights
Select all check boxes.
Apple Push Notification Server
Clear the check box.
-
Click the Export button at the top of the window, select Sign Configuration Profile, and then export the configuration profile.
For the file name, specify mdmprofile.mobileconfig.
-
Store the configuration profile in the following folder on the communication server:
JP1/ITDM2 - SDM (Communication Server)-installation-folder\cms\conf
Related Topics