search cancel

Certificate error when importing CSR certificate for MDM

book

Article ID: 237962

calendar_today

Updated On:

Products

IT Management Suite Client Management Suite

Issue/Introduction

The customer gets the error message below when he tries to import the signed CSR certificate for MDM (Modern Device Management):

Failed to import signing certificate
Cannot find the requested object.
 
image.png

Environment

ITMS 8.6 RU2

Resolution

The "Signing certificate" is a certificate for signing profiles. It should be obtained by the customer and it should not be signed by Broadcom (235793 "CSR signing for MDM").
Also no need to import CSR at our MDM certificate page - Only certificates are expected to be imported there.
 
We sign only APNS Certificate requests because it is mandatory to obtain an APNS certificate from the Apple portal. For APNS users need to create an APNS certificate request, export it and send it to us. Then we sign it and return it to the user. The user uses the signed APNS CSR at identity.apple.com to obtain an APNS certificate, that needs to be imported to our MDM Certificates page.
 
Other certificates should be prepared by the user - no actions from Broadcom are expected for other certificates type(Intermediate/ Signing/Server). Please find more details at our help page https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/it-management-suite/ITMS/Administration/About-Modern-Device-Management/Setting-up-MDM-for-macOS.html
 
 
 
Note:
 
In the case of getting the following error message while trying to install your wildcard cert used on your MDM server:
 
Failed to import signing certificate
The certificate with thumbprint xxxxxxx already exists.

 

This issue may occur when the same certificate is already imported to the SMP Server by non-MDM functionality (see certificates under Settings > Notification Server > Certificate Management in Symantec Management Console).