Generating and Renewing an APNs Certificate. Technical Paper May 2012



Similar documents
Guide for Generating. Apple Push Notification Service Certificate

How to generate an APNs Certificate to use the Apple MDM protocol via the portal

Generating an Apple Enterprise MDM Certificate

QuickStart Guide for Managing Mobile Devices. Version 9.2

Administering FileVault 2 on OS X Mavericks with the Casper Suite v9.2 or Later. Technical Paper October 2013

How to Obtain an APNs Certificate for CA MDM

Generating an Apple Push Notification Service Certificate

APNS Certificate generating and installation

QuickStart Guide for Mobile Device Management

Zenprise Device Manager 6.1

QuickStart Guide for Mobile Device Management. Version 8.6

Administering FileVault 2 on OS X Lion with the Casper Suite. Technical Paper July 2012

JAMF Software Server Installation and Configuration Guide for Linux. Version 9.2

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

Generating the APNs certificate is a three-step process: Download the AirWatch-signed CSR from the AirWatch Admin Console.

Sophos SafeGuard Disk Encryption for Mac and the Casper Suite

Administering Parallels Desktop 7 for Mac with the Casper Suite. Technical Paper November 2012

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

JAMF Software Server Installation Guide for Linux. Version 8.6

JAMF Software Server Installation and Configuration Guide for OS X. Version 9.2

JAMF Software Server Installation and Configuration Guide for OS X. Version 9.0

JAMF Software Server Installation and Configuration Guide for Windows. Version 9.3

Casper Suite Release Notes. Version 9.1

Creating an Apple APNS Certificate

JAMF Software Server Installation and Configuration Guide for Linux. Version 9.0

Administering Adobe Creative Cloud for Enterprise with the Casper Suite v9.0 or Later. Technical Paper October 2013

Simplifying Device Enrollment and Content Distribution Using the Device Enrollment Program, the Volume Purchase Program, and the Casper Suite

Sophos Mobile Control Installation guide. Product version: 3.5

Sophos Mobile Control Installation guide. Product version: 3.6

Creating a Free Trusted SSL Cert with StartSSL for use with Synctuary

Sophos Mobile Control Installation guide

NetBoot/SUS Appliance User Guide. Version 1.0

Sophos Mobile Control Installation guide. Product version: 3

JAMF Software Server Installation Guide for Windows. Version 8.6

Create an ios App using Adobe Flash Side by Side Training, And without using a Mac

Casper Suite Administrator s Guide. Version 9.0

How To Package In Composer (Amd64)

BuzzTouch ios Push Notifications

QMX ios MDM Pre-Requisites and Installation Guide

QuickStart Guide for Managing Computers. Version 9.2

Mobile Secure Cloud Edition Document Version: ios Application Signing

Knappsack ios Build and Deployment Guide

Generating and Installing SSL Certificates on the Cisco ISA500

QuickStart Guide for Client Management. Version 8.7

Kony MobileFabric Messaging. Demo App QuickStart Guide. (Building a Sample Application

WebApp S/MIME Manual. Release Zarafa BV

Casper Suite. Security Overview

Sophos UTM. Remote Access via IPsec Configuring Remote Client

Sophos Mobile Control Startup guide. Product version: 3.5

CA Mobile Device Management. How to Create Custom-Signed CA MDM Client App

Sophos UTM. Remote Access via PPTP Configuring Remote Client

NetBoot/SUS Server User Guide. Version 2.0

Sophos Mobile Control Startup guide. Product version: 3

Building a BYOD Program Using the Casper Suite. Technical Paper Casper Suite v9.4 or Later 17 September 2014

Casper Suite Administrator s Guide. Version 9.2

Marriott Enrollment Server for Web User Guide V1.4

How do I use Push Notifications with ios?

LoadMaster SSL Certificate Quickstart Guide

Remote Access End User Reference Guide for SHC Portal Access

Sophos Mobile Control SaaS startup guide. Product version: 6

Apple Push Notification Service (APNS) Creation Guide

ios Team Administration Guide (Legacy)

Sophos Mobile Control as a Service Startup guide. Product version: 3.5

KAIST SSL VPN USER MANUAL

Managing the SSL Certificate for the ESRS HTTPS Listener Service Technical Notes P/N REV A01 January 14, 2011

LAB :: Secure HTTP traffic using Secure Sockets Layer (SSL) Certificate

Using the Push Notifications Extension Part 1: Certificates and Setup

AVG Business SSO Partner Getting Started Guide

Massey University Wireless Network Client Configuration Mac OS X

LAB :: Secure HTTP traffic using Secure Sockets Layer (SSL) Certificate

New Online Banking Guide for FIRST time Login

DDN CUSTOMER SUPPORT COMMUNITY QUICK START GUIDE

CLIENT CERTIFICATE (EAP-TLS USE)

ManageEngine Desktop Central. Mobile Device Management User Guide

HTTPS Configuration for SAP Connector

Quick Start Guide to Logging in to Online Banking

Install and End User Reference Guide for Direct Access to Citrix Applications

SCCM Plug-in User Guide. Version 2.21

A Brief Guide to Certificate Management

Accessing Citrix on a MAC using OS X (Mountain Lion and Newer)

Sophos UTM. Remote Access via SSL Configuring Remote Client

Application Note AN1502

Advanced Digital Imaging

Device Enrollment Guide

TechNote. Contents. Overview. Using a Windows Enterprise Root CA with DPI-SSL. Network Security

Standard Client Configuration Requirements

Configuration Guide. BES12 Cloud

SWITCHBOARD SECURITY

Sophos Mobile Control Installation guide. Product version: 5.1

How to: Install an SSL certificate

User Guide. The AMF's File Transfer Service (FTS)

How To Sync Google Drive On A Mac Computer With A Gmail Account On A Gcd (For A Student) On A Pc Or Mac Or Mac (For An Older Person) On An Ipad Or Ipad (For Older People) On

MSGCU SECURE MESSAGE CENTER

Cisco AnyConnect VPN Client Installation Guide for Single Factor Authentication: Windows

Using Internet or Windows Explorer to Upload Your Site

Certificates and Application Resigning

mystanwell.com Installing Citrix Client Software Information and Business Systems

QUICK START. GO-Global Cloud 4.1 SETTING UP A LINUX CLOUD SERVER AND HOST INSTALL THE CLOUD SERVER ON LINUX

Transcription:

Generating and Renewing an APNs Certificate Technical Paper May 2012

JAMF Software, LLC 2012 JAMF Software, LLC. All rights reserved. JAMF Software has made all efforts to ensure that this guide is accurate. JAMF Software 301 4th Ave S Suite 1075 Minneapolis, MN 55415-1039 (612) 605-6625 Apple, the Apple logo, Keychain Access, Mac OS X, and Safari are trademarks of Apple Inc., registered in the U.S. and other countries. Casper Suite, JAMF Software, the JAMF Software logo, and the JAMF Software Server (JSS) are trademarks of JAMF Software, LLC, registered in the U.S. and other countries. Firefox is a registered trademark of Mozilla in the U.S. and other countries. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. Ubuntu is a registered trademark of Canonical Ltd. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. All other products and service names mentioned are the trademarks of their respective companies.

Contents Page 4 Overview Page 5 Requirements Page 6 Generating an APNs Certificate Page 11 Uploading the APNs Certificate to the JSS Page 12 Renewing an APNs Certificate 3

Overview Before you can set up mobile device management (MDM) in the Casper Suite, you need to obtain an Apple Push Notification service (APNs) certificate from Apple and upload it to the JSS. This document explains how to generate an APNs certificate from the Apple Push Certificates Portal and upload it to the JSS. It also explains how to renew a certificate generated from the Apple Push Certificates Portal or Apple s ios Developer Enterprise Program (idep) when needed. Note: In the Casper Suite v8.4 or later, the JSS guides you through the process of generating, uploading, and renewing an APNs certificate. For more information, see the Apple Push Notification Service Certificate section in your Casper Suite Administrator s Guide. 4

Requirements The instructions in this guide can be used with the Casper Suite v8.0 or later on the following operating systems: Mac OS X 10.6 or later Windows 2008 or later with Visual C++ Redistributable package Red Hat Enterprise Linux (RHEL) 5.5 or later Ubuntu LTS 10.4 or later Before you begin, make sure you have the following applications installed: For Mac OS X Keychain Access Safari or Firefox For Windows Open SSL Safari or Firefox For RHEL or Ubuntu Open SSL Safari 5

Generating an APNs Certificate To generate an APNs certificate, you must complete the following steps: 1. Create a Certificate Signing Request (CSR). 2. Generate the APNs certificate from the Apple Push Certificates Portal. 3. Save the APNs certificate as a.p12 file. Step 1: Create a CSR First, create a CSR and email it to JAMF Software. JAMF Software signs the CSR and emails it back to you in a PLIST file. Note: You must have an active Casper Suite activation code (trial or purchased) to obtain a signed CSR from JAMF Software. To create a CSR on Mac OS X: 1. Open Keychain Access. 2. From the menu bar, select Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority. 3. Enter the following information for the certificate: User email address The Apple ID that you will use to log into the Apple Push Certificates Portal Common name The unique name that will be used to identify the certificate in Keychain Access 6

4. Select the Saved to disk option, and then click Continue. 5. Save the CSR. 6. Email the CSR to your JAMF Software Representative. If you are a current customer, email the CSR to your Account Manager. If you are a potential customer, email the CSR to your Systems Engineer. A PLIST file that contains the signed CSR is emailed back to you. To create a CSR on Windows, RHEL, or Ubuntu: 1. From the command line, create the CSR and the private key by executing: openssl req -out /path/to/resulting/request.csr -new -newkey rsa:2048 -nodes -keyout /path/to/resulting/privatekey.key 2. Create a Distinguished Name (DN) for the certificate request by entering the following information: Attribute Country State or Province Name Locality Name Organization Name Organizational Unit Name Common Name Email Address Value Abbreviation for country or region Abbreviation for state or province City or locality Name of your organization Department within your organization Unique name that will be used to identify the certificate Email address 3. When you are done entering information for the DN, press the Return key. 4. When prompted to enter a company name, press the Return key. 5. Email the CSR to your JAMF Software Representative. If you are a current customer, email the CSR to your Account Manager. If you are a potential customer, email the CSR to your Systems Engineer. A PLIST file that contains the signed CSR is emailed back to you. 7

Step 2: Generate the APNs Certificate Next, generate the APNs certificate by uploading the PLIST file that you received from JAMF Software to the Apple Push Certificates Portal. To generate the APNs certificate: 1. Open the web browser required for your operating system. (See the Requirements section for specifications.) 2. Go to the Apple Push Certificates Portal at https://identity.apple.com/pushcert/. 3. Sign in using your Apple ID and password. Note: It is recommended that you log in using a shared, company Apple ID. 4. Click Create a Certificate. 5. Read and accept the Terms of Use, and then click Agree. 6. Upload the PLIST file that you received from JAMF Software. 7. Click Download to download the APNs certificate. 8

Step 3: Save the APNs Certificate as a.p12 File Save the certificate as a.p12 file so that you can upload it to the JSS. To save the APNs certificate as a.p12 file on Mac OS X: 1. Open Keychain Access. 2. Select login under the Keychain heading in the sidebar. 3. Drag the certificate that you downloaded from the Apple Push Certificates Portal into Keychain Access. 4. Click the Certificates category in the sidebar. 5. Click the disclosure triangle next to the certificate, and verify that a private key is associated with it. The name of the private key should be the common name that you entered when you generated the CSR. 6. Select the certificate and the private key. 7. From the menu bar, choose File > Export Items and save the items as a.p12 file. The.p12 file is a bundle that contains both the certificate and the private key. 8. Create and verify a password to secure the file, and then click OK. You will need to specify this password when you upload the certificate to the JSS. 9. Quit Keychain Access. The certificate is saved as a.p12 file in the location you specified. 9

To save the APNs certificate as a.p12 on Windows, RHEL, or Ubuntu: 1. From the command line, convert the certificate to.pem format by executing: openssl x509 -inform der -in /path/to/apple/downloaded/cert.cer -out /path/to/formatted/cert.pem -outform PEM 2. Create a store for the certificate and the private key by executing: openssl pkcs12 -export -in /path/to/formated/cert.pem -inkey /path/ to/step/3/privatekey.key -out /path/to/save/push_notification_ cert.p12 -name apns-cert This saves the certificate and the private key as a.p12 file. The.p12 file is a bundle that contains both the certificate and the private key. 3. Type a password to secure the file, and then press the Return key. You will need to specify this password when you upload the certificate to the JSS. 4. Type the password again to verify it, and then press the Return key. 10

Uploading the APNs Certificate to the JSS Before you upload the APNs certificate to the JSS, make sure you have: The APNs certificate in.p12 format The password you created to secure the.p12 file To upload the APNs certificate (.p12) to the JSS: 1. Log in to the JSS with a web browser. 2. Click the Settings tab. 3. Click the Global Management Framework Settings link. In the Casper Suite v8.21 or earlier, click the Mobile Device Management Settings link. 4. Click the Push Notification Certificate tab. In the Casper Suite v8.21 or earlier, click the APNs tab. 5. Click the Create a certificate using the Push Notification Certificate Assistant link, and then click the Upload.p12 file button. In the Casper Suite v8.31 or earlier, click the Upload link. 6. Enter the password you created to secure the certificate, and then click Next. 7. Click Save. 11

Renewing an APNs Certificate Use the instructions in this section to renew an APNs certificate that was generated from the Apple Push Certificates Portal or from Apple s ios Developer Enterprise Program (idep). To renew an APNs certificate: 1. Create a new CSR and email it to the appropriate JAMF Software Representative. (See Step 1: Create a CSR for complete instructions.) A PLIST file that contains the signed CSR is emailed back to you. 2. Open the web browser required for your operating system. (See the Requirements section for specifications.) 3. Go to the Apple Push Certificates Portal at https://identity.apple.com/pushcert/. 4. If you originally obtained the certificate from the Apple Push Certificates Portal, sign in using the Apple ID you used to generate the certificate. If you originally obtained the certificate from idep, sign in using the Apple ID for the idep Agent account. 5. Click the Renew button next to the APNs certificate you want to renew. 6. Upload the new PLIST file that you received from JAMF Software. 7. Click Download to download the new certificate. 8. Save the certificate as a.p12 file. (See Step 3: Save the APNs Certificate as a.p12 File for complete instructions.) 9. Replace the old certificate by uploading the new one to the JSS. (See Uploading an APNs Certificate to the JSS for complete instructions.) 12

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information