Follow the instructions below to generate the MDM Apple Push Notification Service (APNS) certificate:
Why is this step required?
This certificate is required to carry out operations on the device that need to be triggered via the iOS operating system (OS). Therefore, this certificate is mandatory to enroll your iOS device with WSO2 IoT Server.
Further, in iOS, the server passes messages to the client via the Apple Push Notification Service (APNS). When doing so in order to establish a secure connection between WSO2 IoT Server and the APNS server, a client SSL certificate needs to be generated and downloaded from Apple Inc. This APNS certificate is used to send an awake message to your iOS device.
The MDM APNS certificate will be referred to as the MDM certificate in the WSO2 device management console.
Go to the Apple Push Certificate Portal at https://identity.apple.com/pushcert/ and log in with your customer account details.
You do not need to have an enterprise account for this purpose, all you need is your Apple ID. If you don't have one, create your Apple ID.
- Click Create Certificate and agree to the terms and conditions.
- Upload the encoded
.plistfile you generated by following the steps given under MDM Vendor CSR Signing Overview.
- Download the generated MDM signing certificate (
MDM_Certificate.pem). The MDM signing certificate is a certificate for 3rd party servers provided by Apple.
Note down the
USERID(TOPIC ID) from the MDM signing certificate (
MDM_Certificate.pem)as it will be used later in the configuration. The MDM signing certificate can be decoded to obtain the
USERIDby executing the following command:
Remove the password from your private key file (e.g.,
Merge the customer key file that was derived in the latter step, with the MDM signing certificate to generate the MDM Apple Push Notification Service (APNS) Certificate.
For example, merge the
customerKey.pemfile with the
MDM_Certificate.pemfile to generate the
- Open the MDM Apple Push Notification service (APNs) Certificate (
MDM_APNSCert.pem) and ensure that there is a line break between the contents of the two files.
The content will look as follows:
-----END CERTIFICATE----------BEGIN RSA PRIVATE KEY-----
Therefore, add a line break to separate the 2 certificates after 5
-(dashes) so that the content will look like what's shown below:
MDM_APNSCert.pemfile to the
MDM_APNSCert.pfxfile. You will need to provide a password when converting the file. Thereafter, follow the steps mentioned under iOS Platform Configurations.
- If you are using the WSO2 IoT Server iOS agent, you need to generate the APNS certificate.
If you are not using the WSO2 IoT Server iOS agent, configure the iOS platform via the device management console.
If you are not using the WSO2 IoT Server iOS agent, you don't need to generate the APNS certificate and follow the steps under iOS client configurations.