Turns out my problem lied with my certificates. Here is how I solved my problem:
- I copied the client-truststore.jks and wso2carbon.jks in to a folder.
- In the folder I created a batch file with the code below and executed it. *In order for this code to work you need to place the BouncyCastel.jar - bcprov-ext-jdk15on-1.46.jar file in both your C:root and copy it to the jre/ext folders under program files. Also make sure you have SSL installed and set in your environmental variables, along with java's keytool.
- When executing the batch file make sure you set the passwords correctly; the CA set to 'cacert', RA set to 'racert' and IA set to 'iacert'. When you reach the KEYSTORE.p12,ca.p12 and ra.p12 exports, set their passwords to 'wso2carbon','cacert' and 'racert' respectively. *Remember to use your server IP when setting the Common Name of the certificates. *Also when prompted to over ride the wso2carbon aliases in the client-truststore.jks and wso2carbon.jks, say yes .
- Next copy the client-truststore.jks, wso2carbon.jks and wso2mobilemdm.jks to your /repository/resources/security, replacing the old ones.
- Copy the generated emm_truststore.bks to your res/raw folder in your application and update the CommonUtilities.java to reflect the truststore password (which is 'wso2carbon' in this case, change it in the batch file if you like).
- Update your /repository/conf/mdm-conf.xml file just like the iOS server example at point 11.
- Lastly, when you export your application you can make use of the wso2mobilemdm.jks to sign your application.
All these passwords and aliases are used for simplicity and once the underlying concepts and workings are understood you can change them as long as all changes are reflected appropriately.
openssl genrsa -out ca_private.key 4096
openssl req -new -key ca_private.key -out ca.csr
openssl x509 -req -days 365 -in ca.csr -signkey ca_private.key -out ca.crt -extensions v3_ca
openssl rsa -in ca_private.key -text > ca_private.pem
openssl x509 -in ca.crt -out ca_cert.pem
openssl genrsa -out ra_private.key 4096
openssl req -new -key ra_private.key -out ra.csr
openssl x509 -req -days 365 -in ra.csr -CA ca.crt -CAkey ca_private.key -set_serial 02 -out ra.crt -extensions v3_req
openssl rsa -in ra_private.key -text > ra_private.pem
openssl x509 -in ra.crt -out ra_cert.pem
openssl genrsa -out ia.key 4096
openssl req -new -key ia.key -out ia.csr
openssl x509 -req -days 730 -in ia.csr -CA ca_cert.pem -CAkey ca_private.pem -set_serial 044324343 -out ia.crt
openssl pkcs12 -export -out KEYSTORE.p12 -inkey ia.key -in ia.crt -CAfile ca_cert.pem -name "wso2carbon"
openssl pkcs12 -export -out ca.p12 -inkey ca_private.pem -in ca_cert.pem -name "cacert"
openssl pkcs12 -export -out ra.p12 -inkey ra_private.pem -in ra_cert.pem -chain -CAfile ca_cert.pem -name "racert"
keytool -importkeystore -srckeystore KEYSTORE.p12 -srcstoretype PKCS12 -destkeystore wso2carbon.jks
keytool -importkeystore -srckeystore KEYSTORE.p12 -srcstoretype PKCS12 -destkeystore client-truststore.jks
keytool -importkeystore -srckeystore ca.p12 -srcstoretype PKCS12 -destkeystore wso2mobilemdm.jks
keytool -importkeystore -srckeystore ra.p12 -srcstoretype PKCS12 -destkeystore wso2mobilemdm.jks
set CLASSPATH=%CLASSPATH%;c:\bcprov-ext-jdk15on-1.46.jar
keytool -importcert -trustcacerts -keystore emm_truststore.bks -storetype bks -storepass wso2carbon -file ca_cert.pem -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath ./