IT Endpoint Manager

Step 2 - Configure EM Communications

 

You need to install an Apple Push Notification (APN) certificate and a Google Cloud Messaging (GSM) token on your portal so Endpoint Manager can communicate with your managed devices.

The following sections explain how to:

• Add an APN Certificate

• Add a GCM Token

Add Apple Push Notification Certificate

• You need to install an Apple Push Notification (APN) certificate on your EM instance if you wish to manage iOS or Mac devices.

• You can enroll for an APN certificate using your Apple account. If you do not have an Apple account then please create one at https://appleid.apple.com. A free account is enough.

• The certificate is valid for one year. Endpoint Manager will remind you when your certificate is nearing expiry. It is free to renew the certificate each year.

• Follow the steps below to obtain and install an APN certificate:

Step 1- Generate your PLIST

• Click 'Settings' > 'Portal Set-Up' > 'Client Settings'

• Click the 'macOS / iOS' tab.

• Click the 'Create APNs Certificate' button to open the application form
  

• Complete the application form to generate a certificate signing request (CSR):

• Complete all fields marked with an asterisk. The information in these fields will go into your certificate, so be as accurate as possible.

• Click 'Create'.

• This will send a request to Comodo to sign the CSR and generate an Apple PLIST.

• Usually your request will be fulfilled in seconds:

• Download your Apple PLIST from the link in step 1. The file has a name similar to 'COMODO_Apple_CSR.csr'. Please save this to your local drive.

• Step 2 - Obtain Your Certificate From Apple

• Login to the 'Apple Push Certificates Portal' with your Apple ID at https://identity.apple.com/pushcert/.

• If you do not have an Apple account then please create one at https://appleid.apple.com.

• Once logged in, click 'Create a Certificate'.

Agree to Apple's EULA to proceed:

• On the next page, click 'Choose File', browse to the location where you stored 'COMODO_Apple_CSR.csr' and click 'Upload'.

Apple servers will process your request and generate your push certificate. You can download your certificate from the confirmation screen:

 

• Click the 'Download' button and save the certificate to a secure location. It is a .pem file with a name similar to 'MDM_COMODO GROUP LTD._Certificate.pem'

• Step 3 - Upload your certificate to EM
  

• Return to EM, click 'Settings' > 'Portal Set-Up' > 'Client Settings' > 'macOS / iOS'

• Click the 'Browse' button, locate your certificate file and select it.

• Click 'Save' to upload your certificate.
  

The certificate details box shows your certificate fields and the start/end dates:

 

Endpoint Manager can now communicate with iOS and Mac OS devices. You can enroll iOS devices and Mac OS devices for management.

• The certificate is valid for 365 days. EM will remind you when your certificate is due to expire.

• We advise you renew your certificate at least 1 week before expiry. If it is allowed to expire, you will need to re-enroll all your iOS and Mac devices.

• Click 'Renew' in the APNs certificate details interface to renew the cert:

• Click 'Delete' only if you wish to remove the certificate so you can generate a new APNs certificate

Add Google Cloud Messaging (GCM) Token

• Endpoint Manager requires a Google Cloud Messaging (GCM) token in order to communicate with Android devices.

• Endpoint Manager ships with a default token, but you can also generate a unique GCM token if required.

• To get a token, you must first create a project in the Google Developers console.

• Please follow the steps below to create a project and upload a token.

• Step 1 - Create a New Project

• Login to the Google Firebase API console at https://console.firebase.google.com, using your Google account.

• Click 'Add Project'

• Type a name for the new project in the 'Project Name' field

• Click the pencil icon beside the 'Locations' field. Select your country and the Firestore server closest to you

• 'Use default settings for sharing Google Analytics for Firebase data' – Leave this selected

• Agree to the terms and conditions then click 'Create Project'.

 

• Click 'Continue' to go to the project dashboard

• Step 2 - Obtain GCM Token and Project number

• Click the hamburger button at top-left

• Click the gear icon beside 'Project Overview' and choose 'Project settings':

• The 'Settings' screen for the project will open

• Click the 'Cloud Messaging' tab:
  

• Copy the server key and sender ID

• Step 3 - Enter GCM Token and Project number

• Login to Endpoint Manager

• Click 'Settings' > 'Portal Set-Up' > 'Client Settings' > 'Android' > 'Android Cloud Messaging' tab

• Click the edit button  at the top right of the 'Cloud Messaging Token' column, to view the GCM token and project number fields

• Paste the 'Server key' into 'Android (GCM) Token' field.

• Paste the Sender ID into 'Android (GCM) Project Number' field.

• Click 'Save'.
  

Your settings will be updated and the token/project number displayed in the same interface.

Endpoint Manager can now use the token to communicate with Android devices.