Windows 8 mdm的证书注册 [英] Certificate enrollment in windows 8 mdm
本文介绍了Windows 8 mdm的证书注册的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我们正在使用comapny app实现windows 8 mdm。我们已经达到了证书注册步骤。我们从设备获取CSR。然后我们使用java中的充气城堡库创建自签名的根和设备证书。我们发送的
响应与WP_Enterprise_device_management_protocol pdf中提到的相同。
We are implementing windows 8 mdm using comapny apps.We have reached upto certificate enrollment step.We are getting CSR from device.Then we are creating self signed root and device certificate using bouncy castle library in java. And we are sending the same in response as mentioned in WP_Enterprise_device_management_protocol pdf.
但之后我们无法继续,意味着进入下一个"公司帐户"屏幕添加了"。
But after that we are not able to go ahead, means to the next screen of "company account added".
我附上的文件包含我们发送给设备的证书响应。
I am attaching file containing certificate reponse we are sending to device.
<s:Envelope
xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<Action s:mustUnderstand="1" >
http://schemas.microsoft.com/windows/pki/2009/01/enrollment/RSTRC/wstep
</Action>
<a:RelatesTo>urn:uuid:81a5419a-496b-474f-a627-5cdd33eed8ab</a:RelatesTo>
<o:Security s:mustUnderstand="1"
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2012-08-02T00:32:59.420Z</u:Created>
<u:Expires>2012-08-02T00:37:59.420Z</u:Expires>
</u:Timestamp>
</o:Security>
</s:Header>
<s:Body>
<RequestSecurityTokenResponseCollection
xmlns="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<RequestSecurityTokenResponse>
<TokenType>
http://schemas.microsoft.com/5.0.0.0/ConfigurationManager/Enrollment/DeviceEnrollmentToken
</TokenType>
<RequestedSecurityToken>
<BinarySecurityToken
ValueType=
"http://schemas.microsoft.com/5.0.0.0/ConfigurationManager/Enrollment/DeviceEnrollmentProvisionDoc"
EncodingType=
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd#base64binary"
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wap-provisioningdoc version="1.1">
<characteristic type="CertificateStore">
<characteristic type="Root">
<characteristic type="System">
<characteristic type="031336C933CC7E228B88880D78824FB2909A0A2F">
<parm name="EncodedCertificate" value="MIICvjCCAaagAwIBAgIIPe20Ajb0h4kwDQYJKoZIhvcNAQELBQAwHjEcMBoGA1UEAxMTVENTIE1ETSBDZXJ0aWZpY2F0ZTAgFw0xMzA1MjgwNjI2MTZaGA8zOTIxMDEzMDE4MzAwMFowHjEcMBoGA1UEAxMTVENTIE1ETSBDZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKBVoywDVDhfqMHrO203j7EMCKKZRkFWQsVSwIqPcohlmIrYd0VXE8UcOzuB0WcKEuzbVSKmOSr3i5j6xh5Pip+ZurqXOCq9YgA1zZQgCl/A8/kn7g8xQG5vxeNyYTaqg4BcPsvW7JdhzVyZSPqJksbRpplIiqQCG8BnWvvk8ykXw0gQMrg8o/lAjLzNilJRBJwdp2XTMl133znel7Z/XN4lkGV6uP/6mWqvAHyKsvxqxLvNojvoeKA2h77gJUXuK4+wH2smazX8w+LDT4oAAyhUyqhR5NhqFry6e/iPEZHdkTEOQtpV0g3rftOBdhJTN/NB2lJlxgKNsPPeCEIotd8CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAY2GquCexSU8W+oyE5vpib8lJOXMmrgm3A5IuzNW5sxgn3cZTbxM27WbxboB6oxYOATLPcU5YI+YPLy5IaQ4Kc5mJOVZIwB/OLdit9BtOTe3DUDcbYZQ8XD7Oavxn4cmpEQanXUO0i2b52CVV5abDdszq4vTMHlUtVsDv4a2TXCdAtzfbQVbT7Nuxs4Nu48eVpeKafo1MfUK1rAkAbk2CyXRwT+C9YZgprtNy6YgAqc0+2h/SIkltu+Hsnzubpdi1ZServVqvS2pBTAvEiBzsjF+PErSGo9ZeYFM5bVMhzxcbPhTd9PiV4CNL494uNhVKGtu+SHEArtYnA9l21TxZ+g==" />
</characteristic>
</characteristic>
</characteristic>
<characteristic type="My" >
<!-- "My" and "User" are case-sensitive -->
<characteristic type="User">
<characteristic type="F9A4F20FC50D990FDD0E3DB9AFCBF401818D5462">
<parm name="EncodedCertificate" value="MIIDdjCCAl6gAwIBAgIGAT7p0NEbMA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNVBAMTE1RDUyBNRE0gQ2VydGlmaWNhdGUwHhcNMTMwNTI4MDYyNjE2WhcNMTMwNTI4MDYyNjI2WjAwMS4wLAYDVQQDDCVCMUM0M0NEMC0xNjI0LTVGQkItOEU1NC0zNENGMTdERkQzQTEAMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HOJV74DXf1GV3QVQ0sbhLkO19z0jdwTohhbqPiDb99X1qx3OslB+5mK0/wkuNYNwp47qf7QBXVTQFjvkTu07fqVqTFeOsMfxoidgXJ3uQzC94+IzIYrtSijFdI9CGx1nBj+m6Pi4f+hPumDRUp5YteWebF88SDQzUrM8aJKqY8+Mjm5JBr5IOjj186nl1nQXlfn4Vb1CMnRd+hz5ILODAne4d1tU7hK6ZvQ0CJX91oHuut6AMFaqZ+SddPAlSsBA3eeMoebWjL07qzkHrgcB4WSgKXygrA/L0SrSktWma2CLHKdHkeUM/AwPj8ZN0PsE8yRcaNj696QcmFgEkeTjwIDAQABo4GnMIGkME0GA1UdIwRGMESAFEwyaKVy41G0DTLztAKbe5qxoz7LoSKkIDAeMRwwGgYDVQQDExNUQ1MgTURNIENlcnRpZmljYXRlggg97bQCNvSHiTAdBgNVHQ4EFgQU4vnVJ8haT81lAAR7uATJr8pYEoowDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBaAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBAF0mTozrDPOz63qRlXp3+RwwdeqhER7RxAjYEnH2f/fZ4BUy35SojJWfn8mA+KFqlcsUxrs3o+gCMQXUzWMX4K6Wp4llR0QAmGjv5oFWNR2HVVvqY5RtA853FzZ1TNxztRVXknL2LWWyAmBN5oaXLvHYV1AHFOFjhbCzUXUybf+iRDv004nglM3C8+sFTBH19tY01+h9FZAVjKUTeKn+T+ssWuXAd5ODMTawlk2oMxhXIJWIw1qtMbUNKmGDNI/Tfp3hlvf9FMdzdAkYbT9x8U4WuHJS6iYWLrRA1/+m7tE4Z/aexv1FYloDnoghZOaBbz2yUxoSv4hvrhd5eAMuw+8=" />
</characteristic>
<characteristic type="PrivateKeyContainer"/>
<!-- This tag must be present for XML syntax correctness. -->
</characteristic>
</characteristic>
</characteristic>
<characteristic type="Registry">
<characteristic type="HKLM\Software\Microsoft\Enrollment">
<parm name="RenewalPeriod" value="42" datatype="integer" />
</characteristic>
<characteristic type="HKLM\Software\Microsoft\Enrollment\OmaDmRetry">
<parm name="NumRetries" value="8" datatype="integer" />
<parm name="RetryInterval" value="15" datatype="integer" />
<parm name="AuxNumRetries" value="5" datatype="integer" />
<parm name="AuxRetryInterval" value="3" datatype="integer" />
<parm name="Aux2NumRetries" value="0" datatype="integer" />
<!-- Retry waiting interval less than 60 minutes isn’t suggested due to impact to data comsumption and battery life. -->
<parm name="Aux2RetryInterval" value="480" datatype="integer" />
</characteristic>
</characteristic>
<characteristic type="DMClient">
<characteristic type="Provider">
<characteristic type="TestMDMServer">
<parm name="EntDeviceName" value="Administrator_WindowsPhone" datatype="string"/>
</characteristic>
</characteristic>
</characteristic>
</wap-provisioningdoc>
</BinarySecurityToken>
</RequestedSecurityToken>
<RequestID xmlns="http://schemas.microsoft.com/windows/pki/2009/01/enrollment">
</RequestID>
</RequestSecurityTokenResponse>
</RequestSecurityTokenResponseCollection>
</s:Body>
</s:Envelope>
推荐答案
BinarySecurityToken中的内容应该是wap-provisioningdoc的Base64编码字符串......
The content inside BinarySecurityToken is supposed to be the Base64 encoded string of the wap-provisioningdoc...
这篇关于Windows 8 mdm的证书注册的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
