We have an end-to-end iOS MDM implementation developed. Now, I have a requirement that each customer (tenant) should have its own APNs certificate which will be used for sending push notification. Using java I have created a .CSR referring the iOS Vendor CSR Signing Link which is used to create a Customer.CSR.
Using the Apple's Identity Portal then created the .pem file which is of format MDM_ <Vendor_Name> _Certificate.pem.
Query:
Say dated 28-10-2014, I uploaded the Customer.CSR to the identity portal and got MdM_Vendor_Certificate.pem (saved it on my local desktop as cert1.pem).
Say dated 29-10-2014, I uploaded the same Customer.CSR to the identity portal and got MdM_Vendor.Certificate.pem (saved it on my local desktop as cert2.pem).
Now when read both the certificate contents: i find that cert1.pem has UID = com.apple.mgmt.External.26b... (lets call it as topic1)
and cert2.pem has UID = com.apple.mgmt.External.271.. (lets call it as topic2)
i.e. both the UID's are different.
So my question is:
As UID is used in Topic field of the MDM Payload which is internally used by APNs for sending push notifications.
- Now Say I have installed an MDM Profile on the device with topic1 and till the time cert1.pem was used for APNs the device will receive push notifications as the UID match with topic in that case.
But,
- Say When customer renews the APNs certificate the UID changes to topic2 and the certificate used will be cert2.pem, but the device still has mdm profile with topic1 installed (We will not be re-installing the MDM Profile on device i assume).
So how will the device (with topic1) receive push notifications as the APNs will now get certificate with topic2. Or is it handled by APNs that it will map all the devices with topic1 to topic2.
I am unsure about this behavior of APNs. Please help.
I hope i made myself clear.
Thanks.
Thanks Samreen Shaikh
