
Apple push notification service for MDM


I've read a tutorial about Apple push notification here.

According to it, I have to provide an App ID to identify which application will receive the notification. In the case of an MDM server, the receiver is the built-in client, so what value do I have to put in the "App Id" field when I register for the SSL certificate?

In another question I posted, I was told that in the case of MDM, the "Topic" field is used for the built-in client to receive the notification. The topic is put in the MDM payload that the server sends to the client. So how does the server register this field with APNS?

Thanks all,


Solution

  1) You don't go through the usual push certificate creation route.

    What you do is the following:

    • You create a CSR for an APNS request signing certificate
    • You send it to Apple and Apple will sign it, so you will have an APNS request signing certificate
    • Each customer will create an APNS CSR and send it to you
    • You will sign it with the APNS request signing certificate
    • You will return this APNS CSR to the customer
    • The customer will upload it to Apple
    • Apple will sign it
    • Now, the customer has an APNS certificate
    • The customer uploads it to the MDM server

    All of this is described in lengthy detail in the MDM protocol documentation.

  2) Here is how the topic is shared between a client and the server:

    • The APNS certificate signed by Apple will have a topic in it (in the UID part of the DN)
    • Your MDM server should extract it from the APNS certificate and put it in the MDM payload.
    • This payload will be delivered to a device and the OS will send it to the built-in client
    • Now, both your server and the built-in client know the shared topic.
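
The topic extraction described in step 2, as an added example that is not part of the original answer: stdlib-only Python that reads the UID attribute from the subject of a DER-encoded certificate and rejects a certificate whose UID lacks the `com.apple.mgmt.` prefix that MDM topics carry, so an ordinary app push certificate uploaded by mistake is caught before it reaches a payload. The function names are hypothetical, and the sample certificate is a constructed, unsigned skeleton rather than a real Apple-issued one.

```python
UID_OID = bytes.fromhex("0992268993f22c640101")  # DER body of OID 0.9.2342.19200300.100.1.1 (userId / UID)

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits give the size of the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    """Split the contents of a constructed element into (tag, value) pairs."""
    pos, out = 0, []
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def apns_topic(cert_der):
    """Return the UID attribute of the certificate subject, i.e. the push topic."""
    tbs = children(children(read_tlv(cert_der, 0)[1])[0][1])
    if tbs[0][0] == 0xA0:                  # optional explicit [0] version field
        tbs = tbs[1:]
    subject = tbs[4][1]                    # serial, sigAlg, issuer, validity, subject
    for _, rdn in children(subject):
        for _, atv in children(rdn):
            (_, oid), (_, val) = children(atv)[:2]
            if oid == UID_OID:
                topic = val.decode("utf-8")
                if not topic.startswith("com.apple.mgmt."):
                    raise ValueError("UID is not an MDM topic: " + topic)
                return topic
    raise ValueError("subject has no UID attribute")

def tlv(tag, *parts):                      # short-form DER encoder (< 128 bytes), enough for the sample
    body = b"".join(parts)
    return bytes([tag, len(body)]) + body

def sample_cert(uid):
    """Constructed, unsigned certificate skeleton; not a real Apple-issued certificate."""
    subject = tlv(0x30, tlv(0x31, tlv(0x30, tlv(0x06, bytes.fromhex("550403")), tlv(0x0C, b"APSP:constructed"))),
                  tlv(0x31, tlv(0x30, tlv(0x06, UID_OID), tlv(0x0C, uid.encode()))))
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")), tlv(0x02, b"\x01"), tlv(0x30), tlv(0x30), tlv(0x30), subject)
    return tlv(0x30, tbs, tlv(0x30), tlv(0x03, b"\x00"))

if __name__ == "__main__":
    print(apns_topic(sample_cert("com.apple.mgmt.External.constructed-sample")))
```

The returned string is the value the server places under the payload's "Topic" field; a PEM file has to be base64-decoded to DER before it is passed in.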