Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Introduction

...

Info
titleApple Push Notification Service Update

Apple has announced a new protocol must be used for the Apple Push Notification service as of March 29th, 2021 as well as a new root certificate must be incorporated in the MDM solution.

In CapaInstaller 6.1 both have been implemented. To make installations simpler and easier to maintain, Apple Push Certificate in CapaInstaller 6.1 is uploaded to CapaInstaller's s Cloud service - the certificate is no longer installed on MDM server(s). Certificate The certificate is uploaded to CapaInstaller MDM Portal.

Upgrading from CapaInstaller 6.0 to CapaInstaller 6.1

In CapaInstaller 6.1 Push messages for Apple and Android are sent from CapaOne and new features are available only on the MDM Portal. To link between your installation and CapaOne you must have a Portal  Access Token in the console.


Check if you already have a Portal Access Token:

Portal Access Token
1.

Open System Administration module in CapaInstaller Console, select Software Accounts and then select CapaOne. 

If you have a Portal Access Token you don't need to do further.

Image Added


When you upgrade to CapaInstaller 6.1, you must upload the Apple Push Notification Certificate to https://mdm.capaone.com.  Check you have access to https://mdm.capaone.com/certificates. Use the same credentials as to https://portal.capaone.com. If you do no have access contact your CapaInstaller Account Manager.To do this, run

To generate a new APN Certificate follow the Apple Push Certificate Request from CapaInstaller Console. Se Uploading the certificate is done automatically. Just follow the guide below.

 Request and generate or update an Apple Push Certificate

StepAction
1

In the "System Administration" module, select menu item "Actions", then select "Apple Push Certificate request.."

Image Modified

2

Wizard starts, press the "Next" button to proceed

Image Modified

3

If the "Verify OpenSSL" isn't status Passed go to Install OpenSSL

If the "Verify access to Capainstaller certificate request signing service" isn't status passed you must:

First, try to open a browser on the machine from which you run this wizard. Open the following URL: http://certservice.capainstaller.com:7000/status

Ensure that port 7000 is opened from the CapaInstaller server out to the internet. The certificate request signing service is placed on a Capainstaller server at port 7000.

Image Modified

4

Select an output folder. Press the "Start" button, and click "Next" when the certificate request is finished

Image Modified

5Now you have created the certificate request which has been signed by CapaSystems and stored in the previously selected output folder
6

Press the "Open Apple Push Certificates Portal"

Image Modified

7
Login

Log in with your Apple Push Certificates Portal account

Image Modified

8

Press the "Renew" tab

Image Modified

9

If this disclaimer appears then just accept it

Image Added

10

Press "Choose File" and select the file named: plist_encoded, it is stored in the output directory, and click "upload"

Image Removed

Image Modified

11

Now you should get the real certificate as shown in the picture.

First, you should open your calendar and insert an alert that will expire a month before the certificate's expiring date. This will help you recall when to get a new certificate.

Image Modified

12738px
12

You should now press the "Create Certificate File" button in the CapaInstaller certificate Wizard in order to continue the certificate issuing process.

Image Modified

13

In the "Apple certificate File" select the certificate downloaded from the Apple push Cert page. (Named: MDM_something.pem)

When that is done, press the start tab and then click next

Image Modified

14

Now you have the Apple Push Certificate in your output folder (File extension is pfx)

Image Modified

15
Now you need to open MMC

A new Apple Push Certificate has been generated and uploaded to CapaOne.

Image Modified

16

Logon to https://mdm.capaone.com and

check

select Certificates

Image Added

17

Check the certificate is uploaded and valid

Image Removed
Image Added