Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 7 subscribers
  • Views 5661 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Error enrolling iOS iPhone - could not send ios mdm apns trigger for Device No trusted certificate found

AlexTalmage

Just trialling SMC. I've configured my Apple APN but when I try to enroll a device, either via self service or manually via web console it sits with the enroll task at "Notify" and the device unmanaged.


Synchronisations are working fine between SMC server and iPhone.

I've configured APN certificate, etc. Am I missing something?

The error in the server.log is:

2016-08-17 16:47:48,367 ERROR [com.sophos.mobilecontrol.server.apns.APNSConnectionManager] (EJB default - 69) could not send ios mdm apns trigger for Device [deviceId=6, deviceGroupId=2, customerId=1, name=test, description=, email=test@test.com, osId=2, userId=6, phonenumber=, lastSeenDate=2016-08-17 16:47:37.367,lastAppSyncDate=2016-08-17 16:47:37.367,deviceOwner=corporate, managedState=enrolling, compliant=false, easState=ALLOWED_BY_COMPLIANCE, nacState=ALLOWED_BY_COMPLIANCE, smeState=ALLOWED_BY_COMPLIANCE, complianceViolationSeverity=NOT_COMPLIANT_SEVERITY_LOW, Base [tan=3, updateDate=2016-08-17 16:47:37.397, insertDate=2016-08-17 16:46:53.083, updatedby=system, insertedby=admin]]: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found



This thread was automatically locked due to age.
Parents
  • 0

    Hi Alex,

    have you uploaded and saved the APNS certificate for your super  administrator AND your SMC customer which manages the devices?
    You have to do the customer who manages the devices as well. Otherwise, the shown error might occur.
    Therefore, please double-check the APNS certificate

    Best regards
    Stefan

  • 0 in reply to SDU

    Hi Stefan, thanks for your response.

    I figured this out in the end. The Sophos Mobile Control server needed traffic allowed outbound to "gateway.push.apple.com" over port 2195. This was being dropped by our firewall, but upon allowing the traffic out it worked correctly.

    I'm not sure if this is detailed in any of the getting started or installation guides, unless I skipped over that section?


    Alex

Reply
  • 0 in reply to SDU

    Hi Stefan, thanks for your response.

    I figured this out in the end. The Sophos Mobile Control server needed traffic allowed outbound to "gateway.push.apple.com" over port 2195. This was being dropped by our firewall, but upon allowing the traffic out it worked correctly.

    I'm not sure if this is detailed in any of the getting started or installation guides, unless I skipped over that section?


    Alex

Children
No Data
Unfiltered HTML