Device Enrollment works for desktop but fails for iOS devices

Question

I've been doing a ton of reading, and even found this question ( Device enrollment fails, error: server certificate is invalid ) and followed the instructions.

• I first installed my Godaddy certificate in my Server.app
• Then I enabled Wiki and Profile Manager, configuring the certificate and all that jazz.

When the invalid certificate error came up, I did some digging, and found the above thread.

• I went and installed the intermediary certificate but didn't bother replacing the gd certificate, since it was already installed.
• I rebooted the server for safe measure, and tried again.

Problem is, I'm still getting the same darn error... what could be up?

FYI: Here's the article regarding installing certs from Godaddy.

Answer 1

Interesting Story.

I went into server certificates, created an unsigned certificate... enabled it and attached it to the Profile Manager. Tried to enroll, and FAILED.

Then I went back into server certificated, re-installed the signed Godaddy certificate... enabled it and attached it to the Profile Manager. This time, enrollment PASSED.

So freaking strange.

Answer 2

to allow the enrollment, I went to the Hardware and then select settings tab. there I went to custom SSL and then make sure that the certificate that was recognized by apple is selected for the web then it work...

Answer 3

In general, I am doing a two step enrollment:

1. From https://server.local/mydevices select Profiles and then install the Trust Profile
2. Select Devices and then Enroll

I do make sure that DNS is running on the OSX server and only have two zones for the server IP itself and a forwarder to your preferred DNS server. Also, this works with unsigned certificates loaded, so you should be able to know fairly quickly that it's a DNS issue where the cert and the server are not matching if things work when you install the trust profile first.