You can sign an iOS MDM profile by a certificate. You can use a certificate that you issued yourself or you can receive a certificate from trusted certification authorities.
iOS devices display a disclaimer for non-signed profiles and prompt the user to trust the signer when installing the profile.
To sign an iOS MDM profile by a certificate:
In the Mobile Device Management folder in the console tree, select the Mobile devices subfolder.
In the context menu of the Mobile devices folder, select Properties.
In the properties window of the folder, select the Connection settings for iOS devices section.
Click the Browse button under the Select certificate file field.
The Certificate window.
In the Certificate type field, specify the public or private certificate type:
If the PKCS #12 container value is selected, specify the certificate file and the password.
If the X.509 certificate value is selected:
Specify the private key file (one with the *.prk or *.pem extension).
Specify the private key password.
Specify the public key file (one with the *.cer extension).