Introduction
...
| Info | ||
|---|---|---|
| ||
Apple has announced a new protocol must be used for Apple Push Notification service as of March 29th 2021 as well as new root certificate must be incorporated in the MDM solution. In CapaInstaller 6.1 both have been implemented. To make installations simpler and easier to maintain, Apple Push Certificate in CapaInstaller 6.1 is uploaded to CapaInstaller' s Cloud service - certificate is no longer installed on MDM server(s). Certificate is uploaded to CapaInstaller MDM Portal. |
Upgrading from CapaInstaller 6.0 to CapaInstaller 6.1
When you upgrade to CapaInstaller 6.1, you must upload the Apple Push Notification Certificate to https://mdm.capaone.com. Check you have access to https://mdm.capaone.com/certificates. Use the same credentials as to https://portal.capaone.com. If you do no have access contact your CapaInstaller Account Manager.
To do this, run the Apple Push Certificate Request from CapaInstaller Console. Se guide below.
Request and generate or update an Apple Push Certificate
| Step | Action |
|---|---|
| 1 | In the "System Administration" module, select menu item "Actions", then select "Apple Push Certificate request.."
|
| 2 | Wizard starts, press the "Next" button to proceed
|
| 3 | If the "Verify OpenSSL" isn't status Passed go to Install OpenSSL If the "Verify access to Capainstaller certificate request signing service" isn't status passed you must: First, try to open a browser on the machine from which you run this wizard. Open the following URL: http://certservice.capainstaller.com:7000/status Ensure that port 7000 is opened from the CapaInstaller server out to the internet. The certificate request signing service is placed on a Capainstaller server at port 7000.
|
| 4 | Select an output folder. Press the "Start" button, and click "Next" when the certificate request is finished
|
| 5 | Now you have created the certificate request which has been signed by CapaSystems and stored in the previously selected output folder |
| 6 | Press the "Open Apple Push Certificates Portal"
|
| 7 | Login with your Apple Push Certificates Portal account
|
| 8 | Press the "Renew" tab
|
| 9 | If this disclaimer appears then just accept it |
| 10 | Press "Choose File" and select the file named: plist_encoded, it is stored in the output directory, and click "upload"
|
| 11 | Now you should get the real certificate as shown in the picture. First, you should open your calendar and insert an alert that will expire a month before the certificate's expiring date. This will help you recall when to get a new certificate.
|
| 12738px | You should now press the "Create Certificate File" button in the CapaInstaller certificate Wizard in order to continue certificate issuing process.
|
| 13 | In the "Apple certificate File" select the certificate downloaded from the Apple push Cert page. (Named: MDM_something.pem) When that is done, press the start tab and then click next
|
| 14 | Now you have the Apple Push Certificate in your output folder (File extension is pfx)
|
| 15 | Now you need to open MMC
|
| 16 | Logon to https://mdm.capaone.com and check the certificate is uploaded and valid
|
| 17 | Click on Certificates, and click Add. |
| 18 | Click on "Computer account" and click next. |
| 19 | Now click "Local computer: (the computer this console is running on)" and click finish |
| 20 | Click "OK" |
| 21 | Now expand Certificates, Right-click "personal" and under "All Tasks" click "Import" |
| 22 | Click next |
| 23 | Browse your certificate now, and click next |
| 24 | Click next |
| 25 | Click Next |
| 26 | Click finish |
| 27 | Now under "certificates", you can see your renewed Apple Push Certificate |
| 28 | Now go back to the CI Console → Click on System Administration → Right-click your MDM Service → Click on Service Settings |
| 29 | Under Service settings, click the configuration tab, scroll down to "Apple Push Certificates", click on the "..." |
| 30 | Click on the "..." |
| 31 | select the renewed certificate, and click ok |
| 32 | now open the certificate store by opening run and typing "Certlm.msc" and then press Enter |
| 33 | Right-click the Apple push certificate and click on "open" then go to the "Details" tap and find the "Thumbprint" menu and copy the text in the menu |
| 34 | Paste the copied text under "thumbprint" in the Capa console and click "ok" |
| 35 | Now click ok |
| 36 | Now restart your MDM Service, and you have renewed your Apple Push Certificate |
| 37 | You made it well done! |
...