Signing iOS MDM profiles with a trusted root certificate in Kaspersky Security for Mobile
iOS MDM profiles are signed with a certificate is an additional measure to prove their trustworthiness, but it is not a requirement. If you get a warning that a downloaded profile is not signed, you can ignore it and proceed with the installation: this will not affect the device management functionality.
If you want to sign the iOS MDM profiles with a certificate, use the guide below.
If you experience problems installing the iOS MDM profile on a device or encounter errors upon synchronization of the device with the iOS MDM Server, check if the iOS MDM settings are correct. See this article for instructions. If the issue persists, submit a request with a detailed description of your issue to Kaspersky technical support via Kaspersky CompanyAccount. For information on how to create a request, see corresponding section of the knowledge base.
How to sign an iOS MDM profile
- Open Kaspersky Security Center.
- Go to Mobile Device Management.
- Right-click the Mobile devices section and select Properties.
- Open the Connection settings for iOS devices and click Browse.
- Choose the certificate type:
If you choose PKCS#12 container, specify the certificate file and password.
If you choose X.509 certificate, specify the private key, its password and the open key file.
- Click OK.
All issued iOS MDM profiles will be signed with this certitifcate.
You can use your own certificates or get a certificate from a certification authority.
We recommend that you use a trusted root certificate with no less than 2048 bit of key length issued by third-party certification authorities.