Apple APNs CSR creation fails

  • 7021185
  • 07-Aug-2017
  • 07-Aug-2017

Environment

ZENworks Configuration Management 2017 Mobile Device Management


Situation

The Apple APNs CSR fails to generate with the following error message in service-messages.log:
"...
ZENServer REST Client response for MDM Server ... is 301
..."
or
"...
ZENServer REST Client response for MDM Server ... is null
..."

Resolution

Ensure the DNS names on the server certificate resolve on the Primary Server itself, the resolved IP addresses can be pinged & actually do connect to the Primary Server itself.

Additional Information

- Error message: "ZENServer REST Client response for MDM Server ... is 301"
This issue is most likely seen after importing a wildcard certificate with additional DNS names e.g. for the public IP address of NAT router forwarding the communication to the actual Primary Server. In this case the additional DNS name resolves to another web server than the ZENworks Primary Server itself. The workaround / solution is insert this DNS name into the local hosts file and resolve it to the local bound IP address.


In case of error message "ZENServer REST Client response for MDM Server ... is null" the rest client is not able to connect to any resolved IP address at all. This is seen having the Primary Server in the DMZ, blocking a ping to the server's IP address.

Please note in case a wildcard certificate is used, the Primary Server DNS names & IP address are picked from the device registration information as stored in the SQL database.