The identity certificate for mdm profile could not be found

zahidmaqbool's picture

zahidmaqbool

Joined: Mar 28, 2012
No votes yet

I was trying to develop a MDM solution for iOS and I would like to test MDM with both methods of distributing device identity via PKCS12 and SCEP. Currently I am doing it using PKCS12, so here is what I am doing:

1. Send a Profile Service profile to the device asking its device id, IMEI, Version etc.
2. Device responds with the requested attribute - signed using the Apple Provided Certificate.
3. I now issue a PKCS12 certificate to the device using the credentials payload.
4. Device responds again with its attributes - this time signed using the above certificate.
5. I deliver an MDM payload setting the IdentityCertificateUUID to the payload UUID of the certificate issued in step 3.

I get profile could not be installed. Upon examining the logs, I found out the error The identity certificate for mdm profile com.mdm.xyz could not be found.

If at Step 5, I issue the MDM profile with a new certificaate included in the payload everything works. I am not sure if this is the right way to issue another certificate. I was thinking to utilize the same certificate issued at Step 3.

I think I am doing something wrong here and this may not be the correct way. Any help would be much appreciated. Thanks.

Top
AirWatch's picture

AirWatch

Joined: Feb 23, 2011
WWW

It appears that Step 5 was

Your rating: None

It appears that Step 5 was using a new profile. Payload UUIDs cannot be referenced across profiles (only from the same profile, preventing a profile from using another profile's certificate).

I hope this helps solve your issue.

The AirWatch Team

Top

Who is online?

There are currently 0 admins, 0 users and 10 guests online. Connected users: .

Recent Activity