Using Self-Signed certificate during enrolment through DEP

MDM docs seys that we may use anchor_certs key to specify certificates that are used as trusted anchor certificates when evaluating the trust of the connection to the MDM server URL.

In Mac logs I see:

Setup Assistant[367]: CloudConfigurationManager: MDM profile received: NO With Credentials: NO Error: Error Domain=CPProfileManager Code=-218 "The server certificate chain for your organization’s MDM server was not properly set up." UserInfo={NSLocalizedDescription=The server certificate chain for your organization’s MDM server was not properly set up., NSLocalizedRecoverySuggestion=Please contact your system administrator.}

And there is no details about what is wrong with the chain. I use following to create my certificate for MDM server:

openssl genrsa -out <hostname>.key 2048

openssl req -new -x509 -key <hostname>.key -out <hostname>.pem -days 3650 -subj '/CN=<hostname>'


Where I can find requirements for such certificates? Maybe someone can share openssl commands to issues certificates?




Hi, did you find a solution to this problem?
Using Self-Signed certificate during enrolment through DEP
 
 
Q