Hi Shan, Since we need to migrate our CA implementation into IS provided one only its matter of defining that there. It applies to both CA and RA. +1 for using the API rather than asking them to create it themselves. I think we were discussing this previously as well to have this functionlity in the console.
Regards, Dilshan On Tue, Dec 16, 2014 at 3:20 AM, Shanmugarajah Sinnathamby <[email protected]> wrote: > > Hi Dilshan, > > We should find a way to avoid having self signed CA, in the long run we > have to suffer. > What I observed in other MDM is > > They have ROOT Certificate from Thwate > Intermediate certificate is also from Thwate. > Then they have the SSL certificate which is a SAN certificate > > The profile is signed by the SSL certificate . > Also the profile encapsulates the Device Identity certificate which is > signed by the SSL certificate. > > When compared with our profile we don't have the Device Identity > Certificate, its created by the OS and its not part of the profile. Hence > there is no need to have a CA certificate. > > Also the MDM profile which s pointing to the callback url has the tenant > ID , in that case we can partition the device request and see from which > tenant the request is coming from. > > Also noticed that Apple has API to create APNS certificate if the > customers provide their AppleID , so the configuration becomes much easier > in the device cloud. Also we can automate the enrollment of iOS to a great > extent. > > Lets have this in the new version of CDM, since it becomes very easy to > maintain. I will dig more into this on implementing this. > > > On Tue, Dec 16, 2014 at 10:52 AM, Dilshan Edirisuriya <[email protected]> > wrote: > >> Hi, >> >> Please find the flow chart of iOS mdm. Change it if its necessary. >> >> Regards, >> >> Dilshan >> >> -- >> Dilshan Edirisuriya >> Senior Software Engineer - WSO2 >> Mob: + 94 777878905 >> http://wso2.com/ >> https://www.linkedin.com/profile/view?id=50486426 >> > > > -- > *Shanmugarajah (Shan)* > Director, Mobile Architecture, > WSO2, Inc.; http://wso2.com > Email: [email protected] > Mobile : +94777748260 > Blog: http://shanfour.blogspot.com > -- Dilshan Edirisuriya Senior Software Engineer - WSO2 Mob: + 94 777878905 http://wso2.com/ https://www.linkedin.com/profile/view?id=50486426
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
