APNS notifications not reaching devices enrolled in Apple MDM

7
votes

Apple MDM is used. It is MDM using APNs.

  • The topic of mobileconfig is the same as the thing of Subject of APSP-XXX.pem.
  • The character string of a device token and PushMagic reached the MDM server after the setup of mobileconfig.

I sent wording of a telegram for device tokens using APNs. It is replacing by the character string of PushMagic. Although {"mdm":"xxxxxxxxxxxxx-xxxx-xxxx-xxxx"} is sent via APNs from the MDM server, iPhone is not reached.

Why is it?

3
iosapple-push-notificationsmdm
Can you provide more detail on the steps you take to send the APNS notification to the enrolled device?rlandster
I generated push certificate for MDM. Its got a valid subject/topic. When viewed in keychain store it says "This certificate was signed by an unknown authority". There's also no private key associated with it. Any idea whats wrong?Sahil Khanna

3 Answers

2
votes

Follow MDM_Protocol pdf very carefully.

If you are following this link: http://www.softhinker.com/in-the-news/iosmdmvendorcsrsigning Then verify few things.

remove the passphrase from customerPrivateKey.pem using this command

openssl rsa -in customerPrivateKey.pem -out PlainKey.pem

Then merge your APNS certificate (for example CustomerCompanyName.pem) downloaded from the portal https://identity.apple.com/pushcert/ using this command

cat CustomerCompanyName.pem PlainKey.pem > PlainCert.pem

Now this PlainCert.pem file can be used in your server as APNS/MDM certificate.

If still there is issue,please show here your device log.

0
votes

the issue may be because two reasons:

  1. key and pem both should be present.
  2. password used should belong to the password use while creating pem
0
votes

I made a python script that does the vendor signing part, so you don't have to use the softhinker java code.

https://github.com/grinich/mdmvendorsign