Advance preparation for managing iOS devices
To manage iOS devices, Systemwalker Desktop Keeper uses the Apple Push Notification Service provided by Apple.
For this reason, the MDM certificate issued by Apple must be obtained by following the steps shown below. The MDM certificate must be set to "Smart Delay Server" during its installation.
Note
Execute the following steps on a Mac OS.
Register in the iOS Developer Enterprise Program
Access the following URL (as of February 2015), and register in the "iOS Developer Enterprise Program".
https://developer.apple.com/jp/programs/ios/enterprise/
Obtain the signing certificate (MDM Signing Certificate)
Contact Apple via phone or email, and request an MDM vendor registration. Once Apple is informed that you want to be registered as an MDM vendor, they will start the registration process.
Follow Apple's instructions to create a signing certificate. The private key created in this step will later be required in step 3.
Export the private key
Export the private key used to create the signing certificate in PKCS#12 format. It can be exported using Keychain Access. The passphrase specified in this step will also be required in step 6.
Obtain the Apple Inc. intermediate certificate
Obtain the intermediate certificate (Worldwide Developer Relations) from the following URL (as of February 2014):
http://www.apple.com/certificateauthority/
Obtain the Apple Inc. Root Certificate
Obtain the root certificate (Apple Inc. Root Certificate) from the following URL (as of February 2014):
http://www.apple.com/certificateauthority/
Create the MDM certificate request file
Using the certificate and private key obtained in steps 2 to 5, create the MDM certificate private key and MDM certificate request file.
These can be created by executing the sign_csr.sh (create MDM certificate application file) script. Refer to the Systemwalker Desktop Keeper Reference Manual for details on how to use this script.
This script is stored in:
dtkDvdRom:\win32\SmartDevice\x86\Server\unified\Tool\sign_csr.shObtain the MDM certificate
By uploading the request file created in step 6 to the Apple Inc. website, the MDM certificate will become available for download (as of February 2014).
https://identity.apple.com/pushcert/
Convert the MDM certificate format
Convert the format of the downloaded MDM certificate.
Open Terminal, and execute the command shown below. The MDM certificate will be converted into PKCS#12 format. The converted file must be registered to the Smart Device Relay Server.
openssl pkcs12 -export -in mdmCertificate -inkey mdmCertificatePrivateKey -out outFile
For mdmCertificate, specify the downloaded MDM certificate (required).
For mdmCertificatePrivateKey, specify the private key created in step 6 (required).
For outFile, specify the file name of the converted certificate with the p12 extension (required).