Q: Profile Manager - Reenroll devices with CA signed certificate needed?

Hi there I just wanted to know, did you find a resolution to this?

We are currently having the same problem and would like any solution!

eloybrea wrote:

 

Hi

 

Im signing my iPhone Configuration Profiles with an self-signed certificate.

 

Apple site says:

http://support.apple.com/kb/HT5358

Additional Information

Currently, iOS will not accept updates through Profile Manager after renewing the code signing certificate. For each iOS device using Profile Manager, they will need to remove the Trust Profile and Enrollment Profile in Settings > General > Profiles, and then navigate to the Profile Manager User Portal at https://myserver.mydomain.com/mydevices to install the current Trust Profile and re-enroll the device.

 

 

My questions now are:

 

1. If I buy a CA signed Code Signing Certificate, do i have to reenroll the devices?

 

2. If I renew a purchesed certificate, do i have to reenroll the devices?

 

Many thanks for your anwsers!

 

Cheers,

Eloy

As far as I am aware code signing certificates are different to 'normal' server SSL certificates and will be signed by the Apple Code Signing Certification Authority even if you have a paid for server certificate.

Regardless of the above, all code signing certificates when renewed will result in you having to delete and re-enroll all iOS devices. Yes this is a terrible design flaw. One hopes it will be fixed in iOS 7.0 and/or OS X 10.9 & Server.app

We have hundreds of devices enrolled and I totally regret doing it at this point...  I have no way of getting all of these devices re-enrolled.   This is the worst design flaw in a product I have ever seen. I don't even know what to do at this point.

Have any new light shined on this huge big time design flaw yet?

We have 1100+ iOS devices whose Trust Profile and Enrollment Profile certificate expires within 2 months. Re-enroll every device thru Profile Manager User Portal is not an attractive option.