Search code examples
iosmdm

Generating MDM certificate

For implementing a app like Kidslox or Screen Time and I need to make use of MDM server. I went through various blogs for creating or setting-up the MDM server and for that MDM certificate is required. But I'm not getting the MDM CSR option while creating a new certificate.

enter image description here

I already have the Apple's Developer account so my biggest question is that:

Do I really need to signup for the Apple's Enterprise Program?

This answer says that we do not require enterprise account for using an MDM service but we require it for creating an MDM service? Quite confusing.

Here are the blogs & posts that I referred:

  1. MDM protocol https://developer.apple.com/enterprise/documentation/MDM-Protocol-Reference.pdf
  2. https://developer.apple.com/library/archive/documentation/NetworkingInternet/Conceptual/iPhoneOTAConfiguration/profile-service/profile-service.html#/
  3. Understanding certificates https://micromdm.io/blog/certificates/
  4. generate MDM certificate
  5. http://avibirnale.blogspot.com/2013/05/mdm-development-configuration-for-ios.html
  6. How to develop mobile device management application in iOS
  7. How to develop iPhone MDM Server?
  8. https://docs.oracle.com/cd/E60418_01/doc.1210/e58650/admmdmarch.htm#OLDEP080
  9. https://developerinsider.co/how-to-create-a-verified-ios-mobile-device-management-mdm-profile/
  10. MDM Architecture https://docs.oracle.com/cd/E60418_01/doc.1210/e58650/admmdmarch.htm#OLDEP100
  11. Prerequisites for MDM https://github.com/macadmins/mdm-server/blob/master/README.md#prerequisites

I went through the top questions of MDM as well: https://stackoverflow.com/questions/tagged/mdm+ios?sort=frequent

Most of these blog posts are quite old so I believe things have changed since then so I'm curious why we need the enterprise account when that program is majorly for distributing proprietary in-house apps within the company or organization while we are doing this for end-users?

Solution

  • Yes, in order to become an MDM vendor with Apple, you need an Enterprise Developer Program; this program requires you to register it in a company name (not a personal name), be registered with your country's tax department, and also obtain a DUNS (Dun & Bradstreet) number.

    All in all, just a bit of paperwork and a few hundred dollars would set you straight.