Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Generating and configuring APNs Certificate in Windows 2003 Server using IIS 6.0

    • Updated:
    • 16 Oct 2015
    • Product/Version:
    • Mobile Security for Enterprise 8.0
    • Mobile Security for Enterprise 9.0
    • Mobile Security for Enterprise 9.1
    • Mobile Security for Enterprise 9.2
    • OfficeScan 10.6
    • Platform:
    • Windows 2003 Server R2
    • Windows 2003 Small Business Server
    • Windows 2003 Small Business Server R2
Summary

Learn how you can generate and configure APNs (Apple Push Notification service) Certificate in Windows 2003 Server using IIS 6.0.

Details
Public
 
Creating a Certificate Signing Request (CSR) for Apple Push Notification (APN) does not require being in a specific virtual web site. The steps below will help you create a temporary web site to prevent conflicts or issues that may occur with other virtual web sites running on IIS 6.
  1. Go to Start > Programs > Administrative Tools > Internet Information Services Manager.
  2. In the IIS Manager, double-click the local computer.
  3. Right-click Web Sites, and then select New > Web Site.

    Create a new Web Site

  4. Click Next, and then enter the Apple Push Notification Service or any desired temporary web site. Click Next.

    Click Next

    Type a description of the Web site

  5. Leave the IP address to its default value "All Unassigned", and then enter a port that is not being used on the system. In the example below, "8886" is used which is a non-standard port. Click Next.

    Specify an IP address, port setting, and host header for the new Web site

  6. Select the Path or the temporary directory, and then click Next.

    Select a path, and then click Next

  7. Mark the Read check box to set the access permission.

    Set the permissions to Read

  8. Click Next, and then click Finish. Apple Push Notification Service shows as a new virtual web site.

    New virtual web site  you just created

  9. Right-click the Apple Push Notification Service, and then select Properties.
  10. Click the Directory Security tab, and then click the Server Certificate...

    Go to Directory Security tab, and then Select Server Certificate...

    The Web Server Certificate Wizard starts. Click Next.

    The Web Server Certificate Wizard starts

  11. Select Create a new certificate option, and then click Next.

    Select create a new certificate option

  12. Select Prepare the request now, but send it later option, and then click Next.

    Select Prepare the request now, but send it later

  13. Enter the following values in the fields provided:
    • Certificate name: Trend Micro Mobile Security for Enterprise MDM APNs
    • Bit Length: 2048 (for the encryption level)

    Type a name for the new certificate and set the Bit length

  14. Mark Select cryptographic service provider CSP for this certificate, and then click Next
  15. In the Available Providers window, select Microsoft RSA SChannel Cryptographic Provider, and then click Next.

    Select Microsoft RSA SChannel Cryptographic Provider

  16. In the Organization Information window, type the following, and then click Next:
    • Organization - This is the legally registered name of your organization/company.
    • Organizational unit - This is the name of your department within the organization.

    Enter the Organization and the Organization unit

  17. Enter "Trend Micro Mobile Security for Enterprise MDM APNs" in the Common name field, and then click Next.

    Enter the Common name

  18. Enter the following information about your organization, and then click Next:
    • Country/Region
    • State/Province
    • City/locality

    Enter the Geographical Information

  19. In the Certificate Request File Name window, save the CSR to your computer. Write down the location and filename.

    Save the CSR to your computer

  20. Review the information for the certificate request in the Request File Summary window. Do any of the following:
    • If you want to make revisions, click Back.
    • Otherwise,click Next, Accept, and then click Finish.

    Review the Request File Summary

  21. Submit the Certificate Request to Trend Micro Apple Push Notification Portal by:
    1. Open the Trend Micro APNs Certificate Signing Portal.
    2. Fill in the required fields.
    3. Enter your TMMS Activation Code.
    4. Copy and paste your CSR.
    5. Read and accept the Trend Micro License Agreement and Submit.

Option A. Use the certificate signed by Trend Micro.

Upload the CSR to Apple Push Certificates Portal

  1. Open your Internet Browser.
  2. Enter the following in the address bar:

    https://identity.apple.com/pushcert/

  3. Log in by using your Apple ID and password.

    Apple Push Certificates Portal

  4. Click Create a Certificate.

    Create a certificate

  5. Read the Terms of Use and accept the End User License Agreement.

    Terms of Use

  6. Select and upload the signed CSR that Trend Micro sent (.sigfile).

    Create a new push certifcate

  7. When the upload is finished, click Download to download the Apple signed certificate (.pem file).

    Certificates for Third-Party Servers

Option B. Use the certificate signed by Apple.

Use this option if you already have an existing account in Apple Enterprise Developer (paid subscription). Upload the CSR to your Apple Developer Portal (Apple will sign your certificate).

  1. Open the IIS Manager again. Go to Programs > Administrative Tools > Internet Information Services Manager
  2. Right-click the Apple Push Notification Service web site on the left panel, and then select Properties.

    Right-click Apple Push Notification Service

  3. Click the Directory Security tab and, then click Server Certificate... The Web Server Certificate Wizard starts. Click Next.

    Go the Directory Security tab, and the click Server Certificates

  4. Select the Process the pending request and install the certificate option, and then click Next.

    Select Process the pending request and install the certificate

  5. Browse the PEM file you downloaded from the Apple Push Certificates Portal, and then Click.

    Browse the PEM file. and then click Next

  6. Enter a non-standard HTTPS/SSL port that is not being used in the system.

    Enter a non-standard HTTPS-SSL port not being used in the system

  7. On the Certificate Summary screen, verify that the certificate information is correct, and then click Next.

    Review the certificate information

  8. Click Finish.
  1. Open Microsoft Management Console or MMC by:
    1. Go to Start > Run.
    2. Type "MMC", and click OK.
  2. Click File, and then select Add/Remove Snap-in...

    Go to File menu, and the select Add-Remove Snap-in

  3. Select Certificates from the Available snap-ins, and then click Add.

    Select Certificates, and then click Add

  4. Select the Computer account option, and then click Next.

    Select Computer account, and then click Next

  5. Select Local Computer: (the computer this console is running on), and then click Finish.

    Select local computer, and click Finish

  6. Click OK to close Add/Remove Snap-in window.
  7. Double-click Certificates (Local Computer) in the selected snap-ins list.
  8. At the Console Root, expand the directory. Select Certificates > Personal > Certificates.

    Select Certificates > Personal > Certificates

  9. Right-click the Apple Push Certificate, and then select All Tasks > Export. The Export Wizard opens, then click Next.

    The Certificate Export Wizard starts

  10. Select Yes to export the private key, and then click Next.

    Select Yes, export the private key and click Next

  11. Select the Personal Information Exchange –PKCS #12 (.PFX) format, and then mark Include all certificates in the certification path if possible and Enable Strong protection (requires IE 5.0, NT 4.0 SP4 or above) check boxes.

    Select Personal Information Exchange.. and mark Include all certificates... and Enable strong protection...

  12. Enter your password then click Next.

    Enter your password

  13. Enter the file name and location of the PFX file.

    Enter the file name and location of the PFX file

    You will receive the following notification when the export is successful:

    The export was successful

  14. Refer to TMMS 8.0 Installation and Deployment Guide for uploading APNs Certificate to Mobile Security Server.
Premium
Internal
Rating:
Category:
Configure; Deploy; Install
Solution Id:
1060668
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.