MDM.cer Private Key?

Hello,


I have been following some instructions I found online for setting up and running a custom MDM server. In one of the steps it talks about creating and MDM Vendor CSR. Below I have listed out these steps from the website. I have done up to Step 5, but in step 5 it talks about getting the private key from the MDM Vendor CSR after it has been installed into Keychain Access. Once I get here, for me, there is no disclosure triangle to display the private key. Has something changed in this process and the private key is now located somewhere else or needs to be created in some different way?


One other thing to make note of is, what gets downloaded in step 5 is a file named mdm.cer. Should this file actually be named mdm.csr? If so, then maybe my Enterprise account is not flagged for MDM Vendor use. I am not the team agent, so if what I previously mentioend is the case, then I would need to get with that person and have the account flagged appropriately. I would think if the account is not flagged for MDM Vendor use then it should not have access to:


MDM CSR

For signing certificate signing requests from MDM solution customers for MDM certificate issuance at identity.apple.com. For more information, read the Mobile Device Management Protocol Reference.


Here are the steps that are listed on the website:


  1. Create a iOS Developer Enterprise account
  2. Contact Apple Developer Support and request your account be flagged for MDM Vendor use.
  3. Create a MDM Vendor CSR
    • Fire up Keychain Access and Request a Certificate From a Certificate Authority.
    • User Email Address: Enter same e-mail address used for Apple ID.
    • Common Name: <company name> MDM (e.g. Acme Inc. MDM)
    • Request is Saved to Disk.
  4. Upload the CSR to Apple via the iOS Certificate Manager
    • Add a new certificate and select MDM CSR under the Production category.
    • Click through the one or two screens and then attach the CSR to the form.
    • When it finishes you should have a success message.
  5. Download the Apple signed certificate and load into Keychain Access
    • Inside Keychain Access under your Certificates you should have a new item called MDM Vendor: Acme Inc.
    • If you expand the certificate you should see your Acme Inc. MDM private key.


Any help in this would be appreciated.


Thank you,

Gerald

Up vote post of GeraldFAS Down vote post of GeraldFAS
2.4k views
Posted by
GeraldFAS
Reply
Add a Comment

Replies

Were you able to figure this out? I am having the same issue myself and would love to know what you did to solve your issue.

Posted by
dleonard02
Up vote reply of dleonard02 Down vote reply of dleonard02
Add a Comment

Same problem here. Did you guys manage to solve this?

Posted by
pkh
Up vote reply of pkh Down vote reply of pkh
Add a Comment

The doc has been wrong for at least a year. Frustrating to say the least! This is what worked for me:

1. Select the 'Login' keychain.

2. Go to File -> Import Items... then import mdmvendor.cer.

3. You are then, and only then, presented with the ability to view the private key.

4. Export the key.


Good luck!

Posted by
mdt1024
Up vote reply of mdt1024 Down vote reply of mdt1024
Add a Comment