Skip to Content
author's profile photo Former Member
Former Member

Afaria: could not enroll iOS

i've faced below message while enroll iPhone to Afaria, please help:

below is my configuration,please tell if any missing:

we not yet received ssl certificate so that just using http,

my iphone can connect to the internet, i input tc7mcakq but receive below message:

Nov 1 15:46:31 nguyen Afaria[6582] <Warning>: Connection failed: Error - Could not connect to the server. http://localhost:80(null)/ps/ps.svc/packages/7234bd13f0cf495ce83e23d838f01beba1f008ec

Current afaria, enrollment, package server with port 80 can be accessed from public internet.

thank you very much!

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • author's profile photo Former Member
    Former Member
    Posted on Nov 02, 2012 at 05:29 AM

    Hi Doan,

    I think problem is pretty simple. In client communication you have entered localhost details instead of machine details to which client should connect.

    So, when you give tiny url code in device it gets decoded to http://localhost:80(null)/ps/ps.svc/packages/7234bd13f0cf495ce83e23d838f01beba1f008ec which will obviously not reachable from device.

    It should be http://<Relay/Afaria host>:<HTTP_PORT>/ps/ps.svc/packages/7234bd13f0cf495ce83e23d838f01beba1f008ec

    I hope it helps.

    Regards,

    Abhishek Joshi

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi Doan,

      You need not have to give HTTPS port information But for iOS5 onwards you will need an HTTPS connection to the first server where device is hitting.

      In your case, first server is afaria itself hence when you install iPhoneServer, you need to select the certificate and https port number. Certificate should point to correct FQDN.

      Make sure, you use HTTP port other then your IIS HTTP port in Afaria server configurations. In all the settings i.e. package server, Enrollment Server, make sure your give machine <IP>:<IIS_HTTP_PORT> if IIS is not accessible through IP directly.

      Then restart all the services and create enrollment code and try once.

      Regards,

      Abhishek Joshi

  • author's profile photo Former Member
    Former Member
    Posted on Nov 06, 2012 at 04:12 PM

    what version of iOS is the device running that you are trying to enrol?

    The reason for asking is that most recent versions of iOS (from v5 onwards) require that the first point the device hits for MDM enrollment is secured.

    So if you are using the Relay Server then you must make sure this is secured with an SSL cert and that you connect to it from the device using HTTPS://<enrollment server address or relay>...

    That is likely what is causing the iOS device to not enrol.

    There are a number of other potential issues with the screenshots you have posted...

    Is the Afaria Administrator installed on the same box as the Afaria Server?

    Is the Afaria Enrolment server installed on the same box as the Afaria Server?

    If the answer to either of those 2 is yes, then youwill be running IIS which will likely already be listening on port 80 for HTTP communication, and therefore you setting the Afaria Server to also listen on port 80 for http will cause a port conflict, and probably your afaria service won't start.

    In your second lot of screenshots you are accessing the administrator over https on port 444 and there is a certificate installed in IIS on that machine. Then you show trying to Set the Afaria service to listen on HTTPS, but in order to do this you would need to set a certificate in Afaria for this purpose. the fact that you have done this for IIS makes no difference to Afaria. Just below the box where you set the ports the Afaria service listens on should be the option to set the certificates.

    None of that will help you with your iOS device enrolment as the iOS deivce doesn't communicate with the Afaria Server component, it communicates with the Afaria Enrolment server component running through IIS.

    Regards,

    Stephen

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.