If you're using self-signed/self-issued certificates, make sure that you have the root-level cert of your Certificate Authoritiy installed on your iOS device. Otherwise, the iOS device will decline the installation of the Afaria/Sybase client MDM cert during enrollment.

The "sign messages sent to iOS" is an optional Afaria component for signing the client MDM cert, subsequently signing all payload exchange between Afaria and iOS. It is a reasonable option to install, but not required.

hth, v.

Hi Sudharsan,

It could be because of below issues.

1. Your relay server (first point of contact from device) is not having proper certificate installed (it means cert not issues to FQDN).

2. If your device is contacting directly to Afaria server then your SSL cert is not issued to FQDN (fully qualified domain name).

3. During installation of enrollment server, you need to select cert of server to which your device will contact first. If you device contact through relay server then relay server cert should be selected during enrollment server installation.

To explain what FQDN cert means is that lets say your device contact to http://relayhost.domain.com:80/ then relay cert should be issued to relayhost.domain.com or if it's http://10.0.0.4:80/ then cert should be issued to 10.0.0.4. Same applies to Afaria server SSL port, if your device contacts directly.

Regards,

Abhishek Joshi

Check if installed Afaria 6.6 Feature Pack 1 on the server without this will not be possible to establish the connection, to see more description of the error can connect to a mac device and see the console with error messages in the XCODE