Creating iOS Certificates in Mobility Suite

book

Article ID: 158248

calendar_today

Updated On:

Products

Mobility Suite

Issue/Introduction

 Customers needs to have the necessary Apple: AppID's, SSL Certificates and Provisioning Profiles to create an In-house Agent and/or manage their iOS devices using the Web-clip

Certificate is not in PEM or P12 format, a provisioning profile is required to create the application

Cause

The necessary certificates needed to create the in-house agent have not been properly created and imported.

Resolution

Creating iOS Certificates for Mobility Suite

Apple Developer Codesigning

Navigating the highly customised Apple user interface can be challenging.  Also identifying which certificates and profiles do what, is very important.  This section deals mainly with how to create and configure all the required Apple certificates for iOS enrollment in Mobility Suite.

Required Items:

·        MAC OSX Lion

·        XCode 4.5 or later

·        Apple Developer Account ($300)

·        SAC Tenant (On-Prem or SaaS)

 

1.      Open Keychain access in the Finder by browsing to Applications and Utilities

2.      Select the login keychain in the upper left-hand corner.  Note: All work will be done from the “login” keychain.

3.      Select “Keychain Access” > “Certificate Assistant” at the top and select the “Request a Certificate from a Certificate Authority” option.

 

a.      Fill out the form with user information and select the “Save to disk” option and click continue.
Note: Best practice is to save this CSR with the company name followed by csr: (ie COMPANYNAMEcsr.certSigningRequest) to a folder on the Desktop named Certificates.

4.      Now create three folders in the Certificates folder named:

a.      Push

b.      MDM

c.      Code-Signing

Note: this is where the developer certificate will be placed.

 

5.      In Safari go to: https://developer.apple.com and select: iOS Dev Center.

a.      Login using the developer account.

b.      Select “Certificates, Identifiers & Profiles” in the upper right-hand corner.

 

6.      Select “Certificates” from the options and “Production”. Select the “+” symbol and select the production certificate option, using the previously created .CertSigningRequest file from Step 3.

7.      Download the newly created certificate and install it to the keychain by opening the certificate with the Keychain application or manually importing the cert using the Keychain application:

8.      The private key should be visible; associated with the certificate on the keychain, see below:

9.      Right-click on the certificate and select “Export”.  Save the exported Cert as a Personal Information Exchange (P12) in the Code-Signing folder. DO NOT create a password for this P12 certificate.  It is best practice to save this as the COMPANYNAME followed by “distP12” to distinguish it from the other certificates.

a.      Upload this certificate to the “Code-Signing Certificates” section of the App Center Admin Console (Admin > Settings > Apple/iOS Certificates).

 

AppID and Push Certificate Creation

10.   In Safari: navigate back to the iOS Dev Center > Certificates, identifiers & Profiles and select the “Identifiers” option from the list on the left then select “App IDs” and the “+” symbol at the top:

a.      Fill in the “App ID Description” Name field with something unique to identify the App ID from others, such as “Your Company MDM APP ID”.

b.      App Services” Select “Push Notifications or Services

c.      App ID Prefix” should be the “Team ID”, if any, or the only option.

d.      Explicit App ID” is the domainSuffix.yourDomain.subDomain.installer For example if the Mobility Suite resides at: https://appcenter.company.com the “Bundle ID” should be: com.company.appcenter.installer

 

11.   Reload the App ID’s console by clicking on “App ID’s” on the left; expand the newly created App ID and select the “Settings” button:

a.      Scroll down and under the Push Notifications options list select “Create Certificate” under the “Production SSL Certificate” section.

                                                    i.     Using that same CSR created in step three, upload that CertSigningRequest file and Click “Generate” and then Click “Done”.

b.      Refresh the App ID console and expand the App ID and download the “Production SSL Certificate” from the Push Notifications App ID feature:

 

12.   Save this certificate to the Push folder from Step 4.

a.      Open this certificate using Keychain, add it, and export it using the same method from Step 9 but saving the P12 push certificate to the Push folder following the similar naming convention to distinguish the certificates.

13.   Upload the .p12 push certificate to the Mobility Suite Admin Console: Settings > Apple/iOS Certificates; under the “Push Certificate” section:

 

 

 

MDM Certification Creation
 

a.      For On-Prem installations of Mobility Suite:

                                                    i.     Follow the istructions downloading the iOS MDM CSR from the Console and email this to [email protected] including the name, company, and a contact phone number, as well as the request:

                                                  ii.     Follow the uploading steps from Step 14:b:ii below:

 

 b.      For SaaS (ie the Mobility Suite URL ends in: appcenterhq.com):

                                                    i.     From the same section from Step 14:a:i; click “Download iOS MDM CSR”

                                                  ii.     Go to https://identity.apple.com/pushcert using Safari

1.      Click “Create a Certificate”

2.      Accept the terms…

3.      Upload the .applecsr file.

4.      Download the .PEM file.

14.   Upload the .PEM file to the Mobility Suite.

 

 

Applies To

 

 Mobility Suite on CentOS 6.6 and Redhat 6.6

Attachments