Setup iOS Device with Apple MDM Capabilities

Asked By 0 points N/A Posted on -
qa-featured

I am trying to set up iPhone with iOS through Apple MDM capabilities with the use of the iPhone Configuration Utility. I want to make a configuration profile. Doing this, I cannot set up the Identity entry which gives me an error stating: “Add credentials in the credentials payload.” iPhone Configuration Utility Documentation said, select the certificate that the device uses to identify itself to the MDM server. Add the certificate to the device using the Credentials Settings, or use SCEP Settings to provide instructions for the device to obtain the certificate using SCEP. In the first place, I am not under SCEP server.

So as an alternative, I am using a certificate but I was unable to produce a valid certificate. All the certificates that I added in the settings for credentials cannot be selected in the identity field. And lastly, when I attempt to set up the configuration without any certificate, I am receiving error: “Profile failed to install”. And another error in the console is stating: “The identity certificate for com.test.test.mdm1 could not be found”.  I am really lost now.

Does anyone ever tried to provide any iOS device with this kind of system? Please help.

SHARE
Answered By 10 points N/A #123614

Setup iOS Device with Apple MDM Capabilities

qa-featured

The problem may be occurring because you are not using the right credential settings for the iphone. You will need to know that iOS devices are capable of using X.509 certificates that have got RSA keys. The file extensions that are used in this case are .cer, .crt, and .der.

You will need to use the Credentials settings payload so as to be able to add certificates and identities to the device. Note that if you are using the certificates in PKCS1 and PKCS12 format then they will be supported. Once you have the credentials installed, you will also need to install the intermediate certificates which are needed to establish a chain to a trusted certificate that’s on the device.

-Thompson Locker

 

Related Questions