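I am developing an MDM solution for my organization. I created an iOS MDM test server using the Python code mentioned by imdmtools, and generated the push certificate according to softthinker.
Here are the certificate details:
The certificate file was created successfully and can be imported into the Keychain and exported in p12 format. I converted it to PEM format:
Convert to .pem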
openssl pkcs12 -in OrigPushCert.p12 -out PushCert.pem
Remove the password
openssl rsa -in PushCert.pem -out PushKeyNoPass.pem
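Open PushCert.pem in a text editor
The .mobileconfig file contains the MDM payload:
After all that, the device can enroll correctly over https, and the server can receive the device token, push magic and unlock token from the device. However, when the server sends the MDM push message: {"mdm" : "<PushMagic String>"}
the device does not receive it. The IPCU device log shows: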
Jun 13 16:26:13 unknown MobileSafari[374] <Warning>: webFrameLoader
Jun 13 16:26:16 unknown MobileSafari[374] <Warning>: webFrameLoader
Jun 13 16:26:16 unknown profiled[1394] <Notice>: (Note ) MC: Profile “-c-o-m-.-c-i-t-e-c-h-.-m-d-m-.-p-r-o-f-i-l-e” -q-u-e-u-e-d -f-o-r -i-n-s-t-a-l-l-a-t-i-o-n-.
Jun 13 16:26:18 unknown profiled[1394] <Notice>: (Note ) MC: Checking for MDM installation...
Jun 13 16:26:18 unknown profiled[1394] <Notice>: (Note ) MC: ...finished checking for MDM installation.
Jun 13 16:26:18 unknown profiled[1394] <Notice>: (Note ) MC: Beginning profile installation...
Jun 13 16:26:20 unknown keybagd[1403] <Notice>: MS:Notice: Installing: (null) [keybagd] (690.10)
Jun 13 16:26:22 unknown profiled[1394] <Notice>: (Note ) profiled: Device unlock notification received
Jun 13 16:26:22 unknown kernel[0] <Debug>: AppleKeyStore:Sending lock change
Jun 13 16:26:22 unknown profiled[1394] <Notice>: (Note ) MC: Profile “-c-o-m-.-c-i-t-e-c-h-.-m-d-m-.-p-r-o-f-i-l-e” -i-n-s-t-a-l-l-e-d-.
Jun 13 16:26:22 unknown mc_mobile_tunnel[1409] <Notice>: (Note ) MC: mc_mobile_tunnel starting.
Jun 13 16:26:23 unknown mc_mobile_tunnel[1409] <Notice>: (Note ) MC: mc_mobile_tunnel shutting down.
Jun 13 16:26:23 unknown mdmd[1405] <Notice>: MS:Notice: Installing: com.apple.managedconfiguration.mdmd [mdmd] (690.10)
Jun 13 16:26:24 unknown mdmd[1405] <Notice>: (Note ) MDM: mdmd starting...
Jun 13 16:26:24 unknown mdmd[1405] <Notice>: (Note ) MDM: Looking for managed app states to clean up
Jun 13 16:26:24 unknown apsd[95] <Warning>: <APSConnectionServer: 0xd622270>: connection set enabled topics {(
"com.apple.mgmt.External.e8154c51-4788-44bc-8c23-a26695####9c"
)}
Jun 13 16:26:24 unknown apsd[95] <Warning>: <APSCourier: 0x11dcb0>: Sending filter message for enabled hashes {
<10f79d78 c6984a13 f9fc677a 4556fc35 73249ead> = "com.apple.mgmt.External.e8154c51-4788-44bc-8c23-a26695####9c";
<141b878f 22242638 a132b5ba 96284394 eb258b67> = "com.citech.mdm.pushtest";
} and ignored hashes {}
Jun 13 16:26:24 unknown com.apple.launchd[1] <Warning>: (com.apple.managedconfiguration.mdmd) Check-in of Mach service failed. Already active: com.apple.managedconfiguration.mdmdpush-dev
Jun 13 16:26:24 unknown mdmd[1405] <Warning>: Unable to bootstrap_check_in() to namedDelegatePort 'com.apple.managedconfiguration.mdmdpush-dev'. APS connections will not persist past process lifetime.
Jun 13 16:26:24 unknown apsd[95] <Warning>: <APSConnectionServer: 0xd61b820>: Initializing connection server with environmentName 'development' and connectionPortName '(null)'
Jun 13 16:26:24 unknown com.apple.launchd[1] <Warning>: (com.apple.managedconfiguration.mdmd) Check-in of Mach service failed. Already active: com.apple.managedconfiguration.mdmdpush-prod
Jun 13 16:26:24 unknown mdmd[1405] <Warning>: Unable to bootstrap_check_in() to namedDelegatePort 'com.apple.managedconfiguration.mdmdpush-prod'. APS connections will not persist past process lifetime.
Jun 13 16:26:24 unknown apsd[95] <Warning>: <APSConnectionServer: 0x121fa0>: Initializing connection server with environmentName 'production' and connectionPortName '(null)'
Jun 13 16:26:24 unknown apsd[95] <Warning>: <APSConnectionServer: 0xd61b820>: connection set enabled topics {(
"com.apple.mgmt.External.e8154c51-4788-44bc-8c23-a26695####9c"
)}
Jun 13 16:26:24 unknown mdmd[1405] <Notice>: (Note ) MDM: Network reachability has changed.
Jun 13 16:26:24 unknown mdmd[1405] <Notice>: (Note ) MDM: Network reachability has changed.
Jun 13 16:26:24 unknown mdmd[1405] <Notice>: (Note ) MDM: Telling MDM Check-In Server about new device token.
Jun 13 16:26:24 unknown apsd[95] <Warning>: <APSConnectionServer: 0xd62a150>: Initializing connection server with environmentName 'development' and connectionPortName '(null)'
Jun 13 16:26:24 unknown apsd[95] <Warning>: <APSCourier: 0x11dcb0>: Removing connection server <APSConnectionServer: 0xd62a150>
Jun 13 16:26:24 unknown apsd[95] <Warning>: Interface manager: WWAN radio power level notification; DCH status changed to active
Jun 13 16:26:24 unknown apsd[95] <Warning>: Calculated minimum fire date [2013-06-13 16:29:31 +0800] (54%) with fire date [2013-06-13 16:36:26 +0800], start date [2013-06-13 16:21:24 +0800], minimum early fire proportion 0, power state detection supported: yes, in high power state: yes
Jun 13 16:26:24 unknown apsd[95] <Warning>: Calculated minimum fire date [2013-06-13 16:34:23 +0800] (54%) with fire date [2013-06-13 16:42:49 +0800], start date [2013-06-13 16:24:28 +0800], minimum early fire proportion 0, power state detection supported: yes, in high power state: yes
Jun 13 16:26:25 unknown mdmd[1405] <Notice>: (Note ) MDM: Transaction completed. Status: 200
Jun 13 16:26:25 unknown mdmd[1405] <Notice>: (Note ) MDM: Telling MDM Check-In Server about new device token.
Jun 13 16:26:25 unknown apsd[95] <Warning>: <APSConnectionServer: 0xd624a20>: Initializing connection server with environmentName 'development' and connectionPortName '(null)'
Jun 13 16:26:25 unknown apsd[95] <Warning>: <APSCourier: 0x11dcb0>: Removing connection server <APSConnectionServer: 0xd624a20>
Jun 13 16:26:25 unknown mdmd[1405] <Notice>: (Note ) MDM: Transaction completed. Status: 200
Jun 13 16:26:25 unknown mdmd[1405] <Notice>: (Note ) MDM: Telling MDM Check-In Server about new device token.
Jun 13 16:26:25 unknown apsd[95] <Warning>: <APSConnectionServer: 0xd624a20>: Initializing connection server with environmentName 'development' and connectionPortName '(null)'
Jun 13 16:26:25 unknown apsd[95] <Warning>: <APSCourier: 0x11dcb0>: Removing connection server <APSConnectionServer: 0xd624a20>
Jun 13 16:26:25 unknown mdmd[1405] <Notice>: (Note ) MDM: Transaction completed. Status: 200
Jun 13 16:26:27 unknown mdmd[1405] <Notice>: (Note ) MDM: mdmd stopping...
Jun 13 16:26:27 unknown apsd[95] <Warning>: <APSCourier: 0x11dcb0>: Removing connection server <APSConnectionServer: 0xd61b820>
Jun 13 16:26:27 unknown apsd[95] <Warning>: <APSCourier: 0x119eb0>: Removing connection server <APSConnectionServer: 0x121fa0>
Jun 13 16:26:29 unknown apsd[95] <Warning>: Canceling system wake for [2013-06-13 16:42:34 +0800]
Jun 13 16:26:29 unknown apsd[95] <Warning>: Resuming push keep alive timer in normal mode with action PCActionMaintainPushKeepAliveInterval
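I changed the .mobileconfig push service to production mode, and it still cannot receive it. I used github.com/notnoop/java-apns to simulate the MDM push, and nothing happened. I don't think there is an error in the push message or the .mobileconfig file; there may be something wrong with the certificate file.
If anyone can offer some help or a hint, that would be very kind. I have already spent several days on this... Thank you.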
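Added example, not part of the original post and not imdmtools code: a server-side sanity check that parses a TokenUpdate check-in body, confirms the enrolled Topic equals the topic of the push certificate, and builds the `{"mdm": ...}` push in the legacy simple binary APNs format. The function names and sample values are constructed for illustration; `cert_topic` is assumed to be the `com.apple.mgmt...` value read from the push certificate's subject (for example with `openssl x509 -noout -subject`).

```python
import json
import plistlib
import struct

# Constructed TokenUpdate check-in body (all values are made-up samples).
SAMPLE_TOKEN_UPDATE = plistlib.dumps({
    "MessageType": "TokenUpdate",
    "Topic": "com.apple.mgmt.External.00000000-0000-0000-0000-000000000000",
    "UDID": "0" * 40,
    "Token": bytes(range(32)),
    "PushMagic": "11111111-2222-3333-4444-555555555555",
})


def parse_token_update(body):
    """Extract (token, push_magic, topic) from a TokenUpdate plist body."""
    msg = plistlib.loads(body)
    if msg.get("MessageType") != "TokenUpdate":
        raise ValueError("not a TokenUpdate message")
    token = msg["Token"]
    # plistlib decodes <data> to bytes; a str here means the server stored
    # base64 or hex text instead of the raw 32-byte token.
    if not isinstance(token, bytes) or len(token) != 32:
        raise ValueError("device token must be 32 raw bytes")
    return token, msg["PushMagic"], msg["Topic"]


def build_mdm_push(body, cert_topic):
    """Return the legacy binary APNs frame that wakes the MDM client."""
    token, push_magic, topic = parse_token_update(body)
    # APNs routes by the topic in the push certificate; the device listens
    # on the Topic from its MDM payload, so the two must be equal.
    if topic != cert_topic:
        raise ValueError("certificate topic %r != enrolled topic %r"
                         % (cert_topic, topic))
    # MDM pushes carry only the "mdm" key, with no "aps" dictionary.
    payload = json.dumps({"mdm": push_magic}, separators=(",", ":")).encode()
    # Simple format: command 0, token length, token, payload length, payload.
    return (struct.pack("!BH", 0, len(token)) + token +
            struct.pack("!H", len(payload)) + payload)


if __name__ == "__main__":
    frame = build_mdm_push(
        SAMPLE_TOKEN_UPDATE,
        "com.apple.mgmt.External.00000000-0000-0000-0000-000000000000")
    print(len(frame), frame[:3].hex())
```

A topic mismatch raises before anything is sent, which separates a certificate problem from a payload or token-encoding problem.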