Hi,
We have implemented Over The Air (OTA) profile delivery with 3 phases :
Phase 1 : Authentication
Phase 2 : Certificate enrollment. A new certificate is sent to device and replaces Apple certificate
Phase 3 : Device configuration. Device response is signed with the new certificate and server responds with a config file.
The first delivery works fine.
We try to deliver a second configuration profile with the same device : iPhone 6 plus iOS 8.1.1
In reading Apple documentation, (https://developer.apple.com/library/content/documentation/NetworkingInternet/Conceptual/iPhoneOTAConfiguration/OTASecurity/OTASecurity.html#//apple_ref/doc/uid/TP40009505-CH3-SW1)
For the second delivery, "if the device has been registered previously and is merely requesting a new configuration, it signs the request with the certificate previously provided by the CA" (Apple documentation).
But for the second delivery, device response is still signed with Apple certificate and not with the certificate sent in the first Phase 2.
Do you know why the device still uses the Apple certificate and not the certificate previously got in Phase 2 for a new configuration ?
Thanks for your help.