Part 2: Extracting and Converting Keys and Certificates
Part 2: Extracting and Converting Keys and Certificates
%20environment%20showing%20various%20components_%20a%20Linux%20server,%20Apple%20Developer%20account,%20K.webp "Part 2: Extracting and Converting Keys and Certificates")
Step 5: Extract Keys and Certificates Using Openssl
To use your certificates in the MDM server, you need to extract and convert them into the correct formats.
Extract the Private Key:
bash# Extract private key from the p12 file openssl pkcs12 -in private.p12 -nocerts -out key.pemRemove the Password from the Private Key:
bash# Strip the password from the private key openssl rsa -in key.pem -out private.keyExtract the Certificate:
bash# Extract certificate from the p12 file openssl pkcs12 -in private.p12 -clcerts -nokeys -out cert.pemConvert the Certificate to DER Format:
bash# Convert the certificate to DER format openssl x509 -in cert.pem -inform PEM -out mdm.cer -outform DER
Step 6: Generate Apple Push Certificate CSR Using Python Script
Prepare the Environment:
- Clone the required git repository:bash
git submodule init git submodule update - Copy
private.key,push.csr, andmdm.certo the/vendor/directory.
- Clone the required git repository:
Run the CSR Signing Command:
bash# Use mdm_vendor_sign script to generate applepush.csr python mdm_vendor_sign.py –key private.key –csr push.csr –mdm mdm.cer –out applepush.csr
Step 7: Obtain the Push Certificate from Apple
Access Apple’s Push Certificates Portal:
- Click
Create a Certificateand uploadapplepush.csr.
- Click
Download the Push Certificate:
- Save the push certificate and open it in Keychain Access.
Join the conversation