Device enrollment fails, error: server certificate is invalid
I have an Xserve running 10.7.2 Server fully patched today.
We have a valid SSL from GoDaddy installed. Lion's firewall is off, hardware firewall is not blocking any traffic.
From an iPad I can access the profile manager through the webpage https://mydomain.com/profilemanager and log in successfully. I can install the Trust Profile successfully.
When I try enroll the device it gives me this error:
The server certificate for "https://mydomain.com/devicemanagement/api/device/ota_service" is invalid
This issue is resolved. When installing the SSL cert from GoDaddy in Lion server there are two items that need to take place outlined in GoDaddy's guide for OS X Server 10.6:
- Install Intermediate Chain
- Install Certificate
The Intermediate Chain had not been completed and thus the Certificate was from showing as coming from an unsigned authority. Once the Intermediate Chain had been installed I was able to successfully enroll the device.