Skip to end of metadata
Go to start of metadata

You need to your MDM solution, which is WSO2 IoT Server's EMM solution, to the Device Enrollment Program (DEP) portal. This allows you to successfully manage the Corporate Owned, Personally Enabled (COPE) iOS devices via WSO2 IoT Server's EMM device management console.

Before you begin!

  1. Make sure to be enrolled in the Apple DEP program.
  2. Download and install OpenSSL. Linux OS's have OpenSSL installed by default.

  3. Generating the public key in the .pem format:

    1. Create a new directory to generate the public key.

    2. Create a file named openssl.cnf in the directory you just created.

    3. Copy the code given below to the openssl.cnf and save it.

      [ v3_req ]# Extensions to add to a certificate request
      keyUsage = digitalSignature, keyEncipherment
      [ v3_ca ]
      # Extensions for a typical CA
      # PKIX recommendation.
      # This is what PKIX recommends but some broken software chokes on critical
      # extensions.
      basicConstraints = critical,CA:true
      # So we do this instead.
      #basicConstraints = CA:true
      # Key usage: this is typical for a CA certificate. However since it will
      # prevent it being used as an test self-signed certificate it is best
      # left out by default.
      keyUsage = digitalSignature, keyCertSign, cRLSign
    4. Navigate into the directory and run the commands given below in the given order.

      openssl genrsa -out dep_private.key 4096 
      openssl req -new -key dep_private.key -out dep.csr
      openssl x509 -req -days 365 -in dep.csr -signkey dep_private.key -out dep.crt -extensions v3_ca -extfile ./openssl.cnf
      openssl x509 -in dep.crt -out dep.pem

      Now, you see the dep.pem file created in the directory you created.

  1. Navigate to the Apple Deployment Programs.


    Do not close this browser session until you are done configuring the DEP portal. If you do close the browser session, you need to enter the verification code again and start configuring the DEP portal from where you stopped.

  2. Sign in with your organization's Apple credentials.

  3. Click Get Started to automate the Mobile Device Management (MDM) enrollment.

  4. Confirm your identity by entering the verification code that was sent to the device you entered when creating an account for DEP, and click Continue

    The DEP portal screen appears.
  5.  In the left-navigation pane, select Manage Servers.
  6. Click Add MDM Server to create a virtual machine that groups devices in the DEP portal. This allows WSO2 IoT Server to manage the EMM devices.

  7. Enter the MDM Server name for your organization. For example, you can enter WSO2 EMM Server.

    If you selected Automatically Assign New Devices, each new device that is added to your DEP account is automatically added to the MDM Server you are creating. It is recommended to select this, if your organization is having only one MDM Server, as it will be easy for you to manage the devices.

  8. Click Next.

  9. Click Choose File and upload the public key that you generated as a .pem file before starting this tutorial.
  10. Click Next.
  11. Click Your Server Token and click  Done .. An encrypted Apple server token file in the .p7m file format downloads. Make sure to save it in a convenient location.

The DEP server token expires in an year (365 days). Therefore, you need to renew it when it expires. For more information on how to renew the expired token, see Renewing the DEP Server Token.

What's Next?

Now, you need to add your organization's COPE devices to your DEP portal. For more information, see Adding Devices to the DEP Portal.

  • No labels