iOS MDM: Code:20 (Unable to get local issuer certificate)

Question

I have MDM server. When I enroll the iOS device the push token and other details are sent to the computer. After which, I couldn't able to send command to devices.

From this link i tried troubleshooting the service. When I try the command

openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert YourSSLCertAndPrivateKey.pem -debug -showcerts -CAfile server-ca-cert.pem

I get a error saying verify return Code:20 (Unable to get local issuer certificate).

In YourSSLCertAndPrivateKey.pem I kept the MDM PushCert obtained from this site and its plain key, apple root certificate and AppleWWDRCA certificate.

In server-ca-cert.pem I kept the entrust certificate.

What could be the reason for this?

Answer 1

I was trying to use MDM certificate to go with push Notification. It is wrong.

MDM uses completely different type of certificates and the connect should be given with gateway.push.apple.com:5223.