APNS certificate is required to manage IOS devices from XenMobile. This post will cover the detailed steps to create Apple APNS certificate for XenMobile. All you need is just an account with apple and Citrix.
- Netscaler or a Windows server with IIS installed for APNS certificate CSR creation.
- My Citrix account to sign the CSR from Citrix.
- Apple Account for submitting and downloading APNS Certificate.
Note: step1 and part of Step3 can be done on windows server as well over IIS – Create CSR and complete the cert request on the same windows server.
Step 1: Create Key file & CSR from Netscaler
Navigate to Traffic Management – SSL – SSL files – keys
Select Create RSA Key
- Provide Key file name
- Key size: 2048 Bits
- Public Exponent value: F4
- Key format : PEM
- Algorithm : DES3
- Provide PEM passphrase, this is required while completing and exporting certificate request
Select CSR tab – Click Create CSR
Provide the CSR file Name,browse to key file created above, provide the details as shown below. Common name can be MDM url name.
Download the CSR as shown below.
Step 2: Sign the CSR from Citrix
Login to https://tools.xm.cloud.com/ or https://xenmobiletools.citrix.com with mycitrix credentials.
Select request push notification certificate signature.
Select upload CSR and select the CSR file created in step1
Click sign and it will be signed and a .plist file will be downloaded.
Step 3: APNS certificate Generation from Apple portal
Click on apple certificate request portal as shown below.
login to the portal using your apple ID.
Click on create a certificate
Accept to agree the terms
Select choose file and upload .plist file – Click upload
Download the certificate once done.
Step 4: Complete APNS certificate request and Create APNS pfx file
Below steps will complete the certificate request.
Navigate to Traffic management – SSL – Certificates – server certificates – Click install
- Provide Name: MDM_APNS
- Certificate File Name: PEM file download from apple site.
- Key file: RSA key file created in step1
- password: password given for key file in step 1.
The certificate can be found under client certificates as shown below.
APNS Certificate is needed on XenMobile server, its not required on Netscaler. So we need to upload in pfx format and import in XenMobile server.
Select SSL and Click on Export certificate
- Provide a Name for PFX file
- Certificate file Name: PEM file installed above.
- Key file: key file created in step 1
- Export password: this will be used to import in XenMobile server.
- PEM Passphrase: key file password given in step 1.
The pfx file will be created in netscaler.
Click on manage key files and download the pfx file
select the pfx file and download. This will be imported in XenMobile server.
Hope this post is useful.