Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Open Keychain Access, located in: Applications ž> Utilities >ž Keychain Access.app.
  2. Create a CSR. Keychain Access > žCertificate Assistant > žRequest a Certificate from a Certificate Authority... 
    Image Removed
    Image Added
  3. Enter the AppleID and Server name that you are going to be associating with this certificate in the "Common Name" field.

    Tip
    titleCommon Name

    Certificate Private Key names are visible in Keychain and the Common Name is used to set the Private Key name.  Supplying the Apple ID and Server as the Common Name, ensures the Apple ID used to generate the certificate will be stored for future reference.

    Image RemovedImage Added

  4. Select the radio button "Saved to disk" and click Continue. 
  5. Save the CSR request, ready to upload to FileWave in the next section.

    Tip
    titleCertificate Storage

    Consider creating a secure location to store the created certificates and sub divide them using the date or year, e.g folder named: 'MDM APNs certificates 2020'.


...

  1. Navigate to https://csr.filewave.com/list_csr and login.
  2. Upload the previously created CSR.
  3. 'Download signed CSR' should list this uploaded and now signed CSR. 
  4. Download this newly signed CSR, ready for upload to Apple in the next section.  Again consider where this certificate is stored.

Image RemovedImage Added

Upload the signed FileWave CSR to Apple

Section
bordertrue


Column
width50%
Creating a Certificate
  1. Navigate to: https://identity.apple.com/pushcert/ and log in with an Apple ID.

    Tip

    This Apple ID will own the certificate and is required for every renewal.  Do not use a personal Apple ID, to avoid complications if that person where to leave the business or institution.


  2. Click 'Create'.
  3. 'Accept' Apple's 'Terms of Use'.
    Image Removed
    Image Added


Column
width50%
Renewing a Certificate
  1. Navigate to: https://identity.apple.com/pushcert/ and log in with the Apple ID used to initially create the certificate. 
  2. Confirm the Certificate to renew.
  3. Select 'Renew'.

To confirm the certificate, compare the Subject DN (Topic) and current certificate.

Clicking the 'i' button will show the certificate details, including the Topic:

Image RemovedImage Added

Ensure this matches with the 'Current Certificate' in FileWave Admin > Preferences > Mobile > Apple Push Notification Certificate:

Image RemovedImage Added

Warning

If the 'Topics' do not match do not continue.  If the correct certificate is not in the list on Apple's website, this is the wrong Apple ID.  If this guide was followed in creating the original certificate, the previously used Apple ID will be viewable from the certificate "Private Key".



...

Click 'Upload' and Apple will return a 'Confirmation'.


Image RemovedImage Added

Click 'Download' and save the ".pem" file.  Again consider where this certificate is stored.

Image RemovedImage Added

Create a ".p12" from the Signed CSR

  1. Navigate to the downloaded ".pem" file and double-click to open in Keychain Access.  It should appear in the 'login' Keychain.

    Warning
    titleKeychain

    If imported into the System Keychain, the Private Key will not be accessible.


  2. Select the 'login' keychain in the upper left panel and 'My Certificates' category in the lower left panel. 
  3. Locate the imported certificate.  It will begin with "APSP:".
  4. Click the disclosure triangle and select the expanded private key.

    Anchor
    KeychainPrivateKey
    KeychainPrivateKey

    Tip
    titleCommon Name and Topic

    The name of the Private Key will show the value defined as the "Common Name" from the creation of the CSR.  Where recommendation was followed, this should list the Apple ID and Server name.  Additionally the name of the Certificate is the same as the Topic.


    Image RemovedImage Added

  5. From the 'File' menu, choose ž'Export Items...'.
    Image Removed
    Image Added

  6. Export as a .p12 file.  Again consider where this certificate is stored.
  7. Click Save.
    Image Removed
    Image Added

  8. Leave the password blank.
    Image Removed
    Image Added

  9. Enter your local admin account, when prompted, allowing Keychain to export.

Image RemovedImage Added

Uploading the Certificate into FileWave

  1. Launch the FileWave Admin and login to the FileWave server.
  2. Open the FileWave Admin žPreferences.

     Image RemovedImage Added

  3. Select the 'Mobile' tab.
  4. Click 'Browse' and navigate to the saved ".p12" APNs certificate.
  5. Select the exported ".p12" certficatecertificate.
  6. Click 'Upload APN Certificate/Key Pair'.
  7. The topic should match the previous topic.
    Image Removed
    Image Added

  8. That is it! FileWave may now manage Apple devices using Apple’s Push Notification Service.

...