Profile Manager Enrollment - iOS - Server Certificate Invalid

I have been getting an error trying to enroll iOS devices into profile manager. My MacBook and iMac enroll just fine. However my iPhone and iPad do not.
When I enroll my MacBook Pro, I first log into https://(FQDN)/mydevices, select profiles, Install Trusted Profile. I then go back to devices, and click 'Enroll now'. When I check the Profiles section of System Preferences, I see that the 'Trusted Profile' has added two certificates referring to my server. I can only assume one matches the Self Signed I generated shortly after making my hostname public, and the other Apple Push generated for me.
However when I do this exact same process on my iPad/iPhone, when I attempt the 'Enroll Now' step, I get the error "The server certificate for "https://(FQDN)/devicesmanagement/api/device/ota_service" is invalid."
My searches for this issue have turned up issues close to this, but never exactly this, and the solutions don't seem to work for me. Here are some key points to note:
1. Tried demoting to standalone, re-promote to OD Master, then deleted all certificates, and regenerated all (including the Push cert from Apple)
2. Ran sudo changeip -checkhostname
3. DNS routes forward and reverse correctly in my local LAN
4. I had been getting "Remote Verification failed: (os/kern) failure" / "TEAVerifyCert() returned NULL" in my logs every 3 seconds until I did the steps listed in '1'
Looking forward to 10.7.1

@hombre7777
Thanks for the info. That makes sense what you are telling me. Their instructions are kind of bland and don't make sense as much as they should.
The only thing that scares me on this one is now we need to put a device in the dmz....
So now upgrading our xserv to 10.7 when it becomes stable would now be using the magic triangle, and trying to only have 1 to manage osx machines / and now ios devices. Edit our wikis that are already in place, and have important databases on filemaker is now going to reside in the dmz....
So someone wasn't thinking on this one!!! haha
It looks like we will have to separate things now, so ios devices are managed on their own machine in the dmz with now a hole leaked in the firewall for AD to authenticate so we can pull users down to associate profiles with them.
Our osx machine will then contain a separate spot to manage osx devices bound to user accounts, as well as manage filemaker and wikis that are in use already.
It would be nice if they had figured out a way to do this a little different so we weren't opening holes in the firewall.
The funny thing is I was able to get the ipad to bind and enroll the very first time when I was on a vpn tunnel from my house trying things out.
So I know you can do it, without having to go public, although the push service wasn't working properly and I was not able to bind osx and enroll. So I started over.
I'll play around to see what I can figure out later. Thanks for the help. If you find out the port numbers please let me know as well! I'm not able to move the box to an outside firewall right now. I have too much to do. I can probably do that next week.

Similar Messages

  • Can Profile Manager Enroll the Server Itself?

    Hi all,
    I can successfully enroll clients, but when I try to enroll the server itself, I receive the error message, "Profile installation failed. The profile "Remote Management (com.apple.config.myserver.com.mdm)" could not be installed due to an unexpected error."
    I created a separate local network user account (a different user name) for this purpose and did not use the local admin's account for device enrollment.  On the server machine itself, I logged into http://myserver.com/mydevices and used the admin's local network account to begin enrollment.  The trust profile successfully installs first, but enrollment fails.
    I would like to group server machines using Profile Manager and I would like to set up a configuration payload for Software Update.
    Many Thanks!

    I really doubt you can enroll your server in its own MDM.
    If all you're trying to do is set the software update server, it's a lot easier to just do this...
    sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://myserver.com:8088/index.sucatalog

  • Change Server URL in Profile Manager Enrollment Process?

    It appears devices learn the IP or URL of their MDM server during the Profile Manager enrollment process. It must be part of the configuration profile sent to the device. It also appears this is based on the machine's host name. Is there any way to change that URL - as when the host name of the server changes? If so, where are the files located on the server?
    I believe in the previous iPhone Configuration Utility there was a "server URL" and "Check in URL" that could be set. We can't seem to find any parameters in Profile Manager to control the same. Thanks for any help.

    Hi Jonathan,
    I stumbled on your responses because I was looking for an answer to my own issues.
    I am like most just a lay user, although with 20 years Mac experience.
    The issue is as follows:
    I set up Lion Server and I host a Wiki page and I try to run Profile Manager.
    I do not have a registered host name. The hostname is server.name.private.
    In order to reach the server from the Internet my clients use a DynDNS hostname such as "name.dyndns.org".
    My clients can access the Wiki pages with no problems and Safari shows https://name.dyndns.org in the address line.
    However, if they want to connect to Profile manager, the server re-directs https://name.dyndns.org/profilemanager to https://server.name.private/auth?redirect=https://server.name.private/devicemanagement/api/authentication/callback
    which the client's browser cannot resolve because the internal hostname is unknown to public DNS servers.
    Why does Profile Manager redirect in the first place ?
    Can this issue be resolved without obtaining an "officially registered" hostname ?
    Thank you for helping.
    Regards,
    Twistan

  • What Mac OS X versions does Profile Manager support in Server 4?

    I remember that Mavericks server dropped support for lion clients in profile manager when 3.0 came out, and before we decide if we are upgrading to Server 4 and Yosemite, I was wondering if anyone knew what OS's are supported by Profile Manager in Yosemite Server. Thanks!

    Same question and answer as https://discussions.apple.com/thread/6601147
    Looking at the code for the /mydevices page, it appears that Server 4.0 supports all the same devices as Server 3.2.2:
    OSX (10.7 and later):
          if (majorVersion >= 10 && minorVersion >= 7) {
            osIsValid = true;
    iOS (iOS 4.1 and later):
          if (osVersion >= 4.1) {
            osIsValid = true;

  • Can an IOS device be enrolled through profile manager when the server is set as .private?  If so what steps?

    I have my server set as server.xxxxxx.private, and need to know if it is possible to enroll it using profile manager.  I assume this would have to be done when the IOS device is on the same network, and subsequently the DNS server would have to be added to the WiFi configuration.  When I do this it tells me that Safari can't open the page.  I manually installed the self signed certificate.

    Same issues here.
    Buggy as ****..
    Also after some time, the Profile Manager pane doesn't even fill in Server.app.....stays at Loading...
    Nevertheless, the service itself works with the bug you outlined, plus enroll is impossible for me (check my post here: Can't enroll devices with Profile Manager - invalid key  )
    I hope all these get fixed in 10.7.1   !!!

  • Can os x server Profile Manager update iOS os and app installation?

    I currently use Apple Configurator to push profiles, update OS and app deployment to our College ipads. Have been told to use os x server to deploy instead. After upgrading the macbook air to mountain lion and installing os x server, I'm kind of wondering: is the profile manager in os x server only for pushing out profiles and assigning users to the ipads etc? Do I still need to use apple configurator to do all the updates and app installs first, then use profile manager to push profile?
    We've got quite a lot of ipads that need setting up and we normally use an ipad case where one usb cable connects to the laptop and charging case to deploy our apps.

    How to configure ibm traveler as a profile for iOS devices:
    http://www.manageengine.com/products/desktop-central/configuring-ibm-traveler-for-ios-devices.html

  • Profile manager enrolled device names

    I have been playing around with profile manager on 10.7.3 enrolling an iPhone and a couple of iPads.
    The iPhone enrolls correctly and the name in the devices tab shows the device name "xxx's iphone" and I can see the information about the device including encryption, apps installed etc.
    Both iPads appear to enroll correctly however instead of showing "xxx's iPad" they show the device name of "New Device".  I even tried pre-enrolling the device using the serial number and UUID and gave the device a meaningful name, however when then enrolling the device it accepts the enrollment and promptly changes the name from the meaningful name back to "New Device".
    I have tried this on both an iPad 2 and iPad 3 running the latest IOS.
    I also notice that the jobs that communicate with the device to collect the device information never complete, where they do for the iPhone.
    I am sure this was working before the IOS 5.1 update.

    I would try demoting your Open Directory server from Master to Standalone in the Server Admin app - there's an assistant in Server Admin > Open Directory > Settings > General > click the change button.
    Once it's demoted to a standalone, restart.
    From there, don't create an OD Master again - go to Profile Manager in Server.app and run through the wizard again.  In the process, it will create an OD Master for you.
    Hope that helps,
    Chris

  • Is there any way profile manager without third party certificate

    Ok my business just got 30 ipads recently, so I wanted to find a way to quickly manage them. So I found profile manager. The only thing is, I really don't want to spend money on a ssl certificate just to use in my own office. It's not very big so I see no reason to need it.

    If you disable automatic update options, Pages can't be updated.
    This is the change in Mavericks since it otherwise updates it all.
    Or you could try 'locking' the application to make sure it won't be
    automatically updated, in addition to the above setting in Prefs.
    {Not sure since I'm not that familiar with Mavericks, but there
    used to be a Software Update in sys prefs, and some of the
    update features could be modified there.}
    You could search this issue online, but if you do, don't be taken
    in by some additional ads in such sites as they will be found,
    that offer to let you download any applications, since there are
    a few out there (saw them when I double-checked my ideas)
    that can really mess up your Mac... with adware, genieo, etc.
    So, there may be some wild cheap or costly application that
    promises the moon on a silver platter. Be wary of adware. LOL
    Good luck & happy computing!

  • On Mini iPad cannot connect to iTunes or AppStore when signed in - works on other devices. iTunes states that server certificate invalid - any ideas?

    When signed in with valid Apple ID have started receiving the following message when trying to open iTunes 'The certificate for this server is invalid. You might be connecting to a server that is pretending to be "itunes.apple.com" which could put your confidential information at risk.'
    When I try to access the App Store it says "Cannot connect to server"
    When re-entering Apple ID and Password in Settings I get 'Cannot connect to iTunes Store'.
    This is a new problem - I have been connected until very recently and the Apple ID and connectivity are fine on other devices...
    Any ideas?
    Thanks!

    Saw this on another post.
    Applecare Senior Advisor Txx Bxxx (I have his contact info in an email he just sent) just confirmed with me that the problem people are having with the App Store not loading is an apple issue with their servers, ITS NOT YOUR IPAD so don't go restoring it!   It's not happening to everyone however but they are looking into it, it's really hit or miss.
    In the meantime ...........
    The Complete Guide to Using the iTunes Store
    http://www.ilounge.com/index.php/articles/comments/the-complete-guide-to-using-the-itunes-store/
    Can't connect to the iTunes Store
    http://support.apple.com/kb/TS1368
    iTunes: Advanced iTunes Store troubleshooting
    http://support.apple.com/kb/TS3297
    Best Fixes for ‘Cannot Connect to iTunes Store’ Errors
    http://ipadinsight.com/ipad-tips-tricks/best-fixes-for-cannot-connect-to-itunes-store-errors/
    Try this first - Reset the iPad by holding down on the sleep and home buttons at the same time for about 10-15 seconds until the Apple Logo appears - ignore the red slider - let go of the buttons.
    This works for some users. Not sure why.
    Go to Settings>General>Date and Time> Set Automatically>Off. Set the date ahead by about a year. Then see if you can connect to the store.
     Cheers, Tom

  • On Mountain lion Server, renewing profile manager's code signing certificate

    Hello,
    I followed the article HT5358 and I always get this error: certadmin Cannot find the certificate: Certificat de signature de code myserver.domain.fr.
    Can somebody help me?!
    Thanks!!!

    Hello!
    I just solved my problem - I read the KB article again and there it says
    "When entering the hexadecimal serial number, ensure that all letters are entered in lower case."
    Maybe it is the same with your problem.
    Bye,
    Christoph

  • Icloud server certificate invalid

    Does anyone else get repeated gray pop up boxes in Outlook saying the icloud server has an "invalid certificate"? This has been happening for months.

    This happened to me because my router was configured to use Open DNS servers (Primary 208.67.222.222, Secondary 208.67.220.220). Temporarily adjusting the DNS settings on the router to 4.2.2.1 and 4.2.2.2 did the trick. Open DNS does weird things with certain certificates. Even if your router is configured to use something else, try the ones listed above to see if it makes a difference.

  • Profile Manager - no code signing certificate?

    I'm starting with a clean install of Lion Server. DNS is on an Xserve running Leopard Server.
    - CA signed certificates in place
    - DNS working fine
    - I create an OD Master (I've done this through Server.app, Server Admin and from hitting the "configure" button in Profile Manager, which triggers building an OD Master), and when the OD Master is built, an OD-based CA is created along with an OD-based intermediate certificate, but (and this is my problem), the OD-based code signing certificate is never produced, thus I don't have a code signing certificate to select when trying to enable "sign configuration profiles"?
    This is driving me insane. Anyone know why the code signing certificate isn't being generated?
    Thanks,
    Kristin.

  • Cannot Send Mail Server Certificate Invalid

    How do I resolve this issue with my Mail app?

    Hey sfillipow
    If you are having an issue with the certificate saying it is invalid, check out the following article to help resolve the issue.
    OS X Mountain Lion: If your certificate isn’t being accepted
    http://support.apple.com/kb/PH10968
    Thanks for using Apple Support Communities.
    Regards,
    -Norm G.

  • Tasks to iOS devices stuck sending in Profile Manager

    I am managing about 30 iPads and 10 iPhones through Profile Manager.
    I installed iOS 7 on a freshly wiped iPad and enrolled it with the server and everything works as expected (including locking, updating info, pushing settings, etc)
    I then updated an already enrolled iPad from iOS 6.1.3 to iOS 7. Everything appears to still be intact (all settings, apps, profiles, etc) but it will no longer accept commands (lock, clear passcode, push settings, etc) from the Profile Manager. When I try to send a task it just shows sending and never fails or completes. The iPad has internet access (it is on the same wifi network as the above mentioned iPad that is working fine)
    Other already enrolled devices that have not yet updated to iOS 7 seem to complete tasks (Update info) just fine.
    I was running 10.8.4 with OS X Server 2.2.1 when this began, and have since updated to 10.8.5 and Server 2.2.2 with no change in behavior.
    How can I troubleshoot why this iPad is not completing commands? I'm worried that as my users update to iOS 7 other iPads will not receive commands and I will need to have them re-enroll with the server in order to manage them. (Which I would like to avoid if possible)

    I've already asked people to hold off on updating, but without any way to prevent them from updating, I just have to hope...
    I installed the iPCU and have looked at the console but I'm not seeing anything relevant. It's like the command isn't being received by the iPad at all (even though Profile Manager shows it as sending, the iPad has internet access, and another iPad on the same network has no problem receiving commands)
    Looking at the logs on an iPad that is receiving commands (the iPad with a fresh iOS 7 install, enrolled with Profile Manager after iOS 7 was installed)  I see entries related to MDM:
    Sep 19 07:18:05 iPad-iOS7 mdmd[99] <Notice>: (Note ) MDM: mdmd starting...
    Sep 19 07:18:06 iPad-iOS7 mdmd[99] <Notice>: (Note ) MDM: Looking for managed app states to clean up
    Sep 19 07:18:08 iPad-iOS7 mdmd[99] <Notice>: (Note ) MDM: Network reachability has changed.
    Sep 19 07:18:08 iPad-iOS7 mdmd[99] <Notice>: (Note ) MDM: Push token received.
    Sep 19 07:18:13 iPad-iOS7 mdmd[99] <Notice>: (Note ) MDM: mdmd stopping.

  • Profile Manager - Not Found  The requested URL /wiki was not found on this server.

    I have installed Lion Server with Web and Profile Manager services. When I log into the profile manager web page I receive the message "Not Found  The requested URL /wiki was not found on this server."  I followed the guide here for install http://krypted.com/iphone/setting-up-profile-manager-in-lion-server/.

    This was the fix I found
    Fixing profile manager has been solved by someone else:
    1.  Turn off all services under Server app.
    2.  Under Hardware, settings, change SSL certificate to "none"
    3.  Under Hardware, network, reset host name again.
    4.  Under Hardware, settings, change SSL certificate back to correct one
    5.  Turn Web service ON.
    It may still say /var/empty.
    6.  Turn Wiki service ON
    7.  Recheck Web service.  It should be changed to /Library/Server/Web/Data/Sites/Default.
