To replace a profile before the server certificate expires, follow these steps:

1. Using a special kliossrvcertgen utility, generate a profile with a new root certificate and a server certificate, with the following input values:

   • fqdn – FQDN server;
   • validity – certificate lifetime, days (by default, 3650 days, i.e., 10 years);
   • out – certificate name;
   • pwd – password (not set by default);
   • outprof – name of the new profile.
   
   

   To generate a mobile device profile named prof.mobileconfig and a server certificate with the name cert.pfx with installation password 1234 and a lifetime of ten years for the server myfqdn.com, run the command:

   kliossrvcertgen.exe -fqdn myfqdn.com -validity 3650 -out cert.pfx -pwd 1234 -outprof prof.mobileconfig
   

2. Import the new profile on the iOS MDM server. Open the properties of iOS MDM mobile devices server, select Profiles and click Import.

3. Distribute the new profile to the devices. Go to the node Mobile devices - > iOS MDM mobile devices, open the context menu and select Install profile to device.

4. Replace the old server certificate with a new one. Open the properties of iOS MDM mobile devices server, select Certificates and click Install.

   Attention! Replace the server certificate only after the profile has been delivered to all devices.

If the server certificate has expires, replace it in the following way:

1. Using a special kliossrvcertgen utility, generate a server certificate with the following input values:

   • fqdn – FQDN server;
   • validity – certificate lifetime, days (by default, 3650 days, i.e., 10 years);
   • out – certificate name;
   • pwd – password (not set by default);
   • outprof – name of the new profile.
   
   

   To generate a mobile device profile named prof.mobileconfig and a server certificate with the name cert.pfx with installation password 1234 and a lifetime of ten years for the server myfqdn.com, run the command:

   kliossrvcertgen.exe -fqdn myfqdn.com -validity 3650 -out cert.pfx -pwd 1234 -outprof prof.mobileconfig
   

2. Install a iOS MDM server certificate. Open the properties of iOS MDM mobile devices server, select Certificates and click Install.

3. Generate profiles for each user. Go to the node User accounts and select Install iOS MDM profile from the context menu. Old iOS MDM profiles need to be retained on the devices.