How does iOS identify received notification is for MDM? - iphone

I want to use MDM to manage a number of iOS devices.
According to the documentation I do not need anything installed on the device. In that case, when the device receives a notification from the APNS server, how will it know that this notification is for MDM?

You need to install at least a root certificate from the MDM company (in your case your software / yourself need to deploy the root certificate to the end user's device).
As soon as the device has the root certificate installed, you can send some MDM JSON payloads through APNS.
I think you can deploy the root certificate in many ways, including a download in Safari on your iOS device or with the configuration utility.

Push Notification String: {"aps":{},"mdm":"MagicPushDeviceCode"}.

Related

Signing Certificate for Xcode Content Notification Extension

I am in the process of updating an old app to use UNUserNotification service and Notification Content Extension. However, I have something strange going on with the provisioning profiles.
They are managed automatically by Xcode, however, my Debug Provisioning Profile for the Content Extension shows nothing?
I believe this to be the cause of an issue I am currently having: My push server is unable to send notifications to my client devices when using the development signing certificate and the client is in debug mode.
Is there something I need to do to get around this? Or is this not anything important?

iPhone doesn't receive MDM Push notification sent by mdm server

Followed the steps mentioned here and Softhinker. Created the certificates and configuration profiles as mentioned. When the configuration profile is installed on the device, it sends the Authenticate, Push Magic, and Token update to the MDM server. Till that point it is fine. But when the server tries to send an MDM push notification to the device with the mdm key and pushmagic, it is not received by the iPhone. At the server end, the push is sent successfully based on the console logs there. There is nothing to see in the console of the iPhone. It doesn't show anything.
Some inputs regarding this would be helpful.
I followed the same steps as in Softhinker using openssl commands to generate the appropriate certificates. Used them on both the server (MDM server) and the client (iPhone). When the mobile config profile is installed, the server gets the details. And when the server sends the MDM push with the mdm environment to ask the device to poll for commands, that particular MDM push notification did not reach the device, however it shows as sent at the server. Checked the mobileConfig profile created and the settings of it. Previously the MDM payload settings were set to the development environment. Changed it to production and tried again. Now all of it works. You might check with the production environment once, if that helps.
I've created a simple MDM platform that you can use for testing MDM commands.
It handles all the provisioning so you don't have to worry about OpenSSL.
It's called TestMDM - (http://www.testmdmapp.com)

AdHoc build receives no push notifications

I am developing push notifications for an app of mine. I wrote the provider in PHP and it works fine. I was previously testing the push notifications with my dev builds and the sandbox server from Apple and everything worked fine. Now I am trying to get it to work with an AdHoc build but I never receive any messages on the phone. Here is what I did:
Enabled production push notifications for the app, created the certificate, downloaded it, created the PEM following the instructions here and uploaded it to my server. Configured my PHP script to use gateway.push.apple.com and port 2195 for the connection and tested it; the connection to the server works as expected.
The layout of the payload is the same as with the dev build and writing to the stream works.
After activating Production APN I recreated my AdHoc provisioning profile and verified after the build that in the entitlements aps-environment is set to "production" (which it is).
Installed the app through AdHoc on a device which has not run the app before. I get asked whether to allow PNs, click yes and my server receives the token just as it should.
Tried to send a message (which should get sent to 3 devices) through the production environment. There is no error when connecting to Apple or sending the data but I do not receive a push notification on any of the devices.
I am really out of ideas what could be wrong, does anybody have an idea? Thanks a lot!
I finally figured this out. The issue is that if you open a connection to the APNS and send over more than one push notification AND one of the tokens you submit is not a token valid for this certificate (e.g. you send over a token that belongs to a dev instance whilst being connected with the production certificate), the APNS cancels the delivery of all the PNs that you sent in this batch. At least that is what I experienced so far, so make sure you always keep your dev and production tokens nicely separated :)
Push certificates for production and development are different. And to make it more difficult, device tokens for production and sandbox are different for the same device. Cross-check if these are correct, and I'm sure you must have faltered in this. To get the device token in production mode, write an alertview in the AppDelegate didreceivenotifications event.
Once you get this token, you will know that it is different from the dev token that we are generating, which is why you were not able to send notifications on PROD.
I am struggling with the same issue. I believe the problem is that with adhoc builds, Apple will only send notifications to them from the production APNS server. Try that.
For distribution and release builds always use the production certificate.
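
An added example (not code from any of the posts above) of the token separation these answers recommend, assuming the legacy binary gateway interface on port 2195 that the question uses. It builds enhanced-format frames, routes them per environment, and works out from an error response which notifications have to be resent; the registration records and function names are hypothetical.

```python
import struct

# Constructed sample registrations (hypothetical storage layout): each token is
# stored with the environment of the build that registered it.
REGISTRATIONS = [
    {"token": "aa" * 32, "env": "production"},
    {"token": "bb" * 32, "env": "sandbox"},   # dev build on the same device
    {"token": "cc" * 32, "env": "production"},
]
GATEWAYS = {
    "production": ("gateway.push.apple.com", 2195),
    "sandbox": ("gateway.sandbox.push.apple.com", 2195),
}

def build_frame(identifier, token_hex, payload, expiry=0):
    """Enhanced-format frame: command 1, identifier, expiry, token, payload."""
    token = bytes.fromhex(token_hex)
    if len(token) != 32:
        raise ValueError("device token must be 32 bytes")
    body = payload.encode("utf-8")
    return (struct.pack("!BIIH", 1, identifier, expiry, len(token)) + token
            + struct.pack("!H", len(body)) + body)

def plan_batches(registrations, payload):
    """Group frames per gateway so no connection carries the other environment's tokens."""
    batches = {env: [] for env in GATEWAYS}
    for identifier, reg in enumerate(registrations):
        if reg["env"] not in batches:
            raise ValueError("unknown environment: %r" % reg["env"])
        batches[reg["env"]].append(
            (identifier, build_frame(identifier, reg["token"], payload)))
    return batches

def unsent_after_error(batch, error_packet):
    """Parse the 6-byte error response (command 8, status, identifier) and
    return (status, identifiers queued after the rejected one, to be resent)."""
    command, status, bad_id = struct.unpack("!BBI", error_packet)
    if command != 8:
        raise ValueError("not an APNs error response")
    ids = [identifier for identifier, _ in batch]
    return status, ids[ids.index(bad_id) + 1:]

if __name__ == "__main__":
    batches = plan_batches(REGISTRATIONS, '{"aps":{"alert":"hi"}}')
    for env, frames in batches.items():
        print(env, GATEWAYS[env], [identifier for identifier, _ in frames])
```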

iPhone Simulator custom CA certificate

I'd like to test an application on the iPhone Simulator which connects to a service using a certificate which is signed by our own CA. I can do this on the actual device by adding a provisioning profile which has the CA certificate. I had thought that having the CA certificate in the standard OSX keychain would work, but it doesn't.
So I can access the service via Safari without warning, but I get an error when trying to run things in the simulator.
The crypto APIs are unavailable to the simulator. I think someone at Apple was smoking crack when they made this decision because I fail to see how having an iPhone changes the outcome of a cryptographic algorithm. Nevertheless, in order to develop with these systems you'll need an iPhone or iPod touch.
This link worked for me
canAuthenticateAgainstProtectionSpace method set to return yes.
NOTE: this will accept any certificate so should be removed for production releases, i.e. ONLY for testing.
It seems to work okay when I point the emulator at one of our live servers which use a 'real' certificate. But I've just been getting 1200 errors trying to get the emulator to talk to a local test server I set up this morning.
So there must be crypto libraries there (or our app wouldn't talk to the live servers with real certificates), but there certainly seems to be a problem with self-signed certs.

Not Receiving Push Notifications

Previously I had configured my app ID for development push notifications and it was working fine.
But now I have changed my app ID and I have followed the same procedure as stated in the Apple docs and I have put the newly generated .p12 file on the server side, but I am not getting the push to my device now.
I have a doubt: for an Apple ID I generate both development and production SSL certificates, and in the program portal both environments show green balls.
I have created a development provisioning profile after doing as said above. On the server side, do I need to point to the production SSL or development SSL for testing?
Does anybody have any idea about this?
It depends on which server you are contacting.
If you are testing on the development side, you have to send requests to the sandbox (gateway.sandbox.push.apple.com) using the appropriate SSL certificate and the appropriate Device Token.
If you are in production/release mode, you have to use the corresponding info.
Another thing that you have to keep in mind is that, for each certificate, you have to register your device for push notifications, and if you change the provisioning profile, you have to do everything again, because the Device Token will be different.
Cheers,
VFN
Make sure that the device on which you are testing doesn't have both the development profile and the distribution profile. Only the distribution (adhoc) profile must be there.