Views:

To resolve the issue:

  1. Install TMMS 9.8 SP2 Patch 1.
  2. Create a new directory named "NewCA" in the LCS.
  3. On the Communication Server root directory, copy the following files to the NewCA directory:
    • ccs.exe
    • CertConfigTool.exe
    • configuration.xml
    • gencert.bat
    • libeay32.dll
    • log4cxx.dll
    • mfc100u.dll
    • openssl.exe
    • openssl_gencert.cnf
    • ssleay32.dll
  4. On the NewCA directory, double-click CertConfigTool.exe to run the tool.
  5. Select Create a new self-signed certificate and then click Next.

    Create a new self-signed certificate

  6. Input the Common Name and Password, and click Next. The Common Name should be the same as the Local Communication Server setting, while the password has no requirement. Once completed, the new CA is generated.

    Use the existing Common Name and Password

  7. Copy tmmsmdm-ca.pem and rename it to tmmsmdm-ca.crt.
  8. Log into the TMMS web console and go to Administration > Certificate Management.
  9. Click Add and browse for tmmsmdm-ca.crt file, then click OK. No need to enter a password.

    Add certificate

    Certificate Management

  10. Under Certificate Policy of Policy For Group, tick the Enable certificate deployment option.
  11. Import TMMSMDM-CA, which is recently added in Step 9.

    Import TMMSMDM-CA

  12. Save the policy. The policy will then be deployed to all iOS devices.
  13. Make sure the certificate policy is deployed successfully.
    1. Go to Settings > General.
    2. Select Device Management.
    3. Click MDM Enrollment Profile and click More Details.
    4. Verify that the iOS device shows two (2) entries of "TMMSMDM-CA" certificates. One is for 1024-bit and another is for 2048-bit.

    Verify the two copies of TMMSMDM-CA

  14.  
    Before the new CA is deployed to all enrolled iOS 12 devices, do NOT upgrade to iOS 13 and do NOT proceed to Step 15 yet. If you proceed to Step 15, all enrolled iOS 12 and below devices without successfully deploying the new CA will not be able to communicate with TMMS server, and they need to re-enroll again.
    ​Once the new CA is deployed, upgrade iOS 12 devices to iOS 13. After the upgrade, all iOS 13 devices cannot successfully enroll yet, please proceed to the following steps.
  15. When the upgrade is complete, back up the following files located in the Communication Server root directory:
    • communication-server-cert.p12
    • tmmsmdm-ca.pem
    • ca directory
    • configuration.xml
  16. Copy the following files from the NewCA directory and paste them to the Communication Server root directory, to replace the old ones:
    • communication-server-cert.p12
    • tmmsmdm-ca.pem
    • ca directory
    • configuration.xml
  17. Restart the Mobile Security Communication Server service first, and then restart the Mobile Security Management Module Service after.
  18. All the enrolled iOS 13 devices don't deploy the new CA yet. Please re-enroll the devices again.

The iOS 13 devices can now successfully communicate with LCS.

Keywords: ios 13 cannot communicate,unable to connect ios 13 device to lcs