Welcome to Headwind MDM Q&A, where you can ask questions and receive answers from other members of the community.

IMPORTANT: Please notify the team about your question by filling in the form on the contact page. Otherwise, we may miss your question!

0 votes

I have setup HTTPS according to https://qa.h-mdm.com/1240/.

I am able to access the MDM server by HTTPS in Chrome, from both the device and the computer.

However when I'm scanning the QR code, the device reports a download error and prompts to reset.

I was however able to enroll the device when I changed the URL of the launcher to https://h-mdm.com/files/hmdm-3.47-master.apk

But Headwind MDM was unable to download any files from our MDM website!

What am I doing wrong?

by

1 Answer

0 votes

Since you were able to enroll the device but are still getting an error, you can try to get more diagnostics by using logcat.

Most probably, you will get a HTTPS certificate error:

Trust anchor for certification path not found.

This error means there's something wrong with the JKS certificate, for instance, missing  the chain of higher level certificates. 

Notice that Chrome can still trust the certificate because it has its own certificate checking method based on the higher level certificate signatures (so Chrome is more tolerant to the HTTPS configuration errors!).

To check your certificate, use the following command:

keytool -list -v -keystore /var/lib/tomcat9/ssl/server.jks

(check the path to the keystore path, it depends on the Tomcat version!)

Among other stuff, it will report Certificate chain length. Make sure this number is more than 1 (otherwise, you apparently forgot to include the chain of high level certificates).

If you see that the certificate chain is 1, you need to re-create the JKS file.

Remove the .p12 and .jks files, and retry creation of a JKS file.

Pay special attention to the creation of the CA certificate chain (CAchain.crt) and make sure you included the parameter

-certfile CAchain.crt

when you're creating a PKCS12 file.

by (9k points)
...