Cortado Server – Manual

Configure Apple MDM

89 views January 21, 2019 August 11, 2020 0

Overview

Caution! If you want to renew your Apple Push certificate, please follow the procedure described in the Renew certificate section.

You will need the following security certificates for the Apple MDM:

An Apple Push Certificate is required for establishing a secure connection between the Cortado Management Console and Apple devices. Cortado sends the corresponding notification to the device via the Apple Push Notification Service, requesting that it log in to the Cortado server. So no information is transmitted. The Apple Push Noti­fication Service only wakes the device from hibernation, so that it can be logged on to the Cortado server. All configuration information, settings and requests go via an (encrypted) SSL connection directly from the Cortado server to the Apple devices.

Note! Please note that your network must also be prepared for Apple Mobile Device Management. Particularly Apple uses the following TCP ports: 80, 2195, 2196 and 5223. See table with Cortado ports on Cortado server TCP ports. More information about Apple can be found here: http://sup­port.apple.com/en-en/HT202944

Requesting and installing an certificate

Before you can request a certificate from Apple, you first have to run a Certificate Signing Request (CSR).

  • For CSR, select in the management console: Control Panel→ Certificates→ Apple Push Certificate (arrow in illus.).
open Apple Push Certificate

open Apple Push Certificate

  • Click on Generate Certificate Request (arrow in illus.).
Requesting a certificate

Requesting a certificate

Note! Do not use the Generate Certificate Request button to renew the certificate. Otherwise you will generate a new certificate that has to be distributed to all users again.

  • Fill out the form and confirm with OK.
Fill out the request form

Fill out the request form

  • Click on Download Certificate Request to save the certificate request (arrow in illus.).
Saving the certificate request

Saving the certificate request

The CSR file will be saved.

Saved certificate request

Saved certificate request

login with Cortado ID or register new

login with Cortado ID or register new

  • Upload the certificate request (CSR) now under Upload CRS on the signing website.

  • In step 2 you can download the signed certificate request (CSR).

Signed certificate request received

Signed certificate request received

  • Click on Create a Certificate (arrow in illus.).

Note! If you would like to renew an existing certificate, then select your certificate instead and click Renew.

Create a certificate by using the request

Create a certificate by using the request

  • Select your signed certificate request, and upload it.
Uploading a Cortado-signed certificate request

Uploading a Cortado-signed certificate request

  • Shortly after, you can download your certificate in .pem format (arrow in illus.).
Downloading the certificate

Downloading the certificate

Push certificate downloaded from the Apple website

Push certificate downloaded from the Apple website

  • Using Upload Apple Certificate you can now upload your certificate onto the Cortado server.
Loading the Apple Push certificate onto the Cortado server

Loading the Apple Push certificate onto the Cortado server

Select certificate

Select certificate

Export and import certificate

  • Save a backup of the certificate in .pfx format with Export Apple Push Certi­ficate.
  • With this version of the certificate, you can avoid future need for the procedure described above.
Saving a backup copy of the Apple Push Certificate

Saving a backup copy of the Apple Push Certificate

  • Enter a password for your certificate.
enter certificate password

enter certificate password

  • Using Import Apple Push Certificate you can install it again anytime onto the Cortado server.
  • To do so select the certificate with Choose Certificate and enter your password.
Upload a backup copy of your Apple Push certificate

Upload a backup copy of your Apple Push certificate

Renew certificate

The Apple Push certificate is valid for one year (left arrow in illus.).

  • If you would like to extend it beyond that, tap on Renew Apple Push Certificate under Control Panel→ Certifi­cates→ Apple Push Certificate (right arrow in illus.).
renew Apple Push certificate

renew Apple Push certificate

  • Then proceed as described above.

Note! Do not use the Generate Certificate Request button to renew the certificate. Otherwise you will generate a new certificate that has to be distributed to all users again.

The renewed certificate must not be assigned again on the users’ devices.

Was this helpful?