3.11.7 Procedure for creating MDM client certificates (when managing iOS devices)
Upload the MDM signed-certificate request file to create MDM client certificates. You need to perform this procedure only when managing iOS devices.
Prerequisites
-
You must purchase a license for the Apple Developer Enterprise Program.
-
You must contact Apple to register as MDM vendor.
-
You must perform the procedure below on the Mac computer to which the MDM certificate request file was downloaded or created.
-
You must create the MDM signed-certificate request file in advance.
Procedure
-
Log in to Apple Push Certificates Portal.
-
Click the Create a Certificate button.
-
Select the check box for accepting the terms of the license agreement, and then click the Accept button.
-
Select the plist_encoded file to be uploaded, and then click the Upload button.
When the file is uploaded successfully, an MDM certificate file is created.
-
Click the Download button to obtain the certificate file (mdm_vendor.pem).
-
Click the information icon (Certificate Info), and then confirm the UID of the Subject DN.
- Tip
-
You need the UID when creating a configuration profile communication server in order to distribute client certificates to iOS devices.
-
Execute the following command to create the APNsMDMPushDev.p12 file from the private key and pem file:
openssl pkcs12 -export -inkey customerPrivateKey.pem -in mdm_vendor.pem -out APNsMDMPushDev.p12
Related Topics