Enrolling iOS 5 with Symantec Mobile Management, Using SSL to Secure the communication for iOS devices


Article ID: 181004


Updated On:


Mobile Management IT Management Suite





iOS 5 devices accept only SSL enrollment, you can use a commercial certificate or use an in-house issued one. A commercial certificate doesn't need to proceed with the steps below as the CA will be trusted on the device by default.

The in-house certificate should be created via a CA server.

1-Create a SSL certificate using CA server, the name of the certificate has to match the URL which the iOS device use for communication.

2-Using MMC Certificates console import the created certificate on the MMS on (Personal > Certificates)

3-From the IIS console change the "bindings" settings to reflect the created SSL certificate from the CA

4-Installing the certificate on the iOS devices during the enrollment :

    a) From MMC Certificates console double click the certificate imported in step 2, 
         on "Certificate Path" tab click on the intermediate certificate then "View Certificate", on "Details" tab click "Copy to File" and save your *.cer file.

    b) From NS console, Home > Mobile Management, Configuration > iOS configuration Editor > Credentials,
        Click the "star icon" to create a new profile, click on "Select cert file" and choose the intermediate certificate exported in step 4a, then click "Save Changes"

    c) From "iOS MDM Enrollment Configuration", under (Additional Configuration Profiles to include) click the "start icon" and choose the profile created in step 4b, Click Save Changes.

During the enrollment the CA certificate "credentials profile" will be installed with the MDM profile allowing the communication to be trusted successfully.


More Detailed Steps are in the following link: https://www-secure.symantec.com/connect/articles/enrolling-ios-5-symantec-mobile-management-using-house-internally-signed-certificate-ios-en