Apple MDM供应商CSR签名 [英] Apple MDM Vendor CSR Signing

查看:528
本文介绍了Apple MDM供应商CSR签名的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

将plist上传到 https://时,我点击'无效的证书签名请求' identity.apple.com/pushcert/ ,以下是我用来生成plist的步骤:

I hit 'Invalid Certificate Signing Request' when uploading plist to https://identity.apple.com/pushcert/ , and below are steps I used to generate plist :


  1. 作为供应商,创建供应商CSR使用KeyChain访问MacBook上传到成员中心以生成MDM签名证书,并以p12格式从KeyChain Access导出私钥,比如vendor.p12

  2. 创建客户CSR,使用Openssl:

    - openssl genrsa -des3 -out customerPrivateKey.pem 2048

    - openssl req -new -key customerPrivateKey.pem -out customer.csr

  3. 作为供应商,从供应门户下载MDM签名证书,WWDR中间证书,并从 http://www.apple.com/appleca/AppleIncRootCertificate.cer ,然后使用下面的命令将这三个证书逐个转换为PEM格式,将由程序读取为PushCertCertificateChain:

    - openssl x509 -inform der -in AppleWWDRCA.cer -out chain。 pem

  4. 作为供应商,请按照移动设备管理协议参考中的示例java代码,使用从vendor.p12中提取的私钥对customer.csr进行签名。

  5. 使用Safari将生成的plist上传到 https://identity.apple.com/pushcert/ 与客户Apple ID

  1. As a vendor, create vendor CSR using KeyChain Access of the MacBook to upload to member centre to generate MDM signing certificate, and export private key from KeyChain Access in p12 format, say vendor.p12
  2. Create customer CSR, using Openssl :
    - openssl genrsa -des3 -out customerPrivateKey.pem 2048
    - openssl req -new -key customerPrivateKey.pem -out customer.csr
  3. As a vendor, download MDM signing certificate, WWDR intermediate certificate from provisioning portal, and download Apple root certificate from http://www.apple.com/appleca/AppleIncRootCertificate.cer, then use below command to convert these three certs to PEM format one by one which will be read by program as the PushCertCertificateChain :
    - openssl x509 -inform der -in AppleWWDRCA.cer -out chain.pem
  4. As a vendor, following sample java code in Mobile Device Management Protocol Reference, I sign the customer.csr with the private key extracted from vendor.p12
  5. Using Safari to upload generated plist to https://identity.apple.com/pushcert/ with customer Apple ID

上述步骤有什么问题吗?请指教。非常感谢!

Is there anything wrong with above steps? Please advise. Thanks a lot!

推荐答案

请参阅这里的详细步骤和源代码生成plist。

Please see detailed steps and source code here to generate plist.

这篇关于Apple MDM供应商CSR签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
Java开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆